Online Text Editor - Create, Edit, Share and Save Text Files

Loading…
MDF-DIRTY-01-167 # show full-configuration 
#config-version=S124FN-7.02-FW-build434-221212:opmode=0:vdom=0
#conf_file_ver=8807725918197741332
#buildno=0434
#global_vdom=1
config system global
    set 802.1x-ca-certificate "Fortinet_CA"
    set 802.1x-certificate "Fortinet_Factory"
    set admin-concurrent enable
    set admin-lockout-duration 60
    set admin-lockout-threshold 3
    set admin-scp disable
    set admin-ssh-grace-time 120
    set admin-ssh-port 22
    set admin-ssh-v1 disable
    set admin-telnet-port 23
    set admintimeout 480
    set alertd-relog disable
    set allow-subnet-overlap disable
    set arp-timeout 180
    set asset-tag ''
    set auto-isl enable
    set cfg-save automatic
    set clt-cert-req disable
    set csr-ca-attribute enable
    set daily-restart disable
    set detect-ip-conflict enable
    set dhcp-circuit-id intfname vlan mode
    set dhcp-option-format ascii
    set dhcp-remote-id mac
    set dhcp-server-access-list disable
    set dhcp-snoop-client-req drop-untrusted
    set dhcps-db-exp 86400
    set dhcps-db-per-port-learn-limit 64
    set dst enable
    set fortilink-auto-discovery disable
    set hostname "MDF-DIRTY-01-167"
    set image-rotation enable
    set ip-conflict-ignore-default enable
    set ipv6-accept-dad 1
    set ipv6-all-forwarding enable
    set kernel-crashlog enable
    set kernel-devicelog enable
    set ldapconntimeout 500
    set post-login-banner ''
    set pre-login-banner ''
    set private-data-encryption disable
    set radius-coa-port 3799
    set radius-port 1812
    set remoteauthtimeout 5
    set revision-backup-on-logout enable
    set revision-backup-on-upgrade enable
    set strong-crypto enable
    set tcp-mss-min 48
    set tcp6-mss-min 48
    set timezone 04
end
config system alias group
end
config system accprofile
    edit "prof_admin"
        set admingrp read-write
        set exec-alias-grp read-write
        set loggrp read-write
        set mntgrp read-write
        set netgrp read-write
        set pktmongrp read-write
        set routegrp read-write
        set swcoregrp read-write
        set swmonguardgrp read-write
        set sysgrp read-write
        set utilgrp read-write
    next
end
config switch global
    set auto-fortilink-discovery enable
    set auto-isl disable
    set auto-stp-priority enable
    set dhcp-snooping-database-export disable
    set dmi-global-all enable
    set flapguard-retain-trigger disable
    set flood-unknown-multicast disable
    set flood-vtp disable
    set forti-trunk-dmac 02:80:c2:00:00:02
    set fortilink-heartbeat-timeout 60
    set fortilink-p2p-native-vlan 4094
    set fortilink-vlan-optimization disable
    set l2-memory-check enable
    set l2-memory-check-interval 1000
    set log-mac-limit-violations disable
    set loop-guard-tx-interval 3
    set mac-aging-interval 300
    set max-frame-size 10000
    set name ''
    config port-security
        set allow-mac-move disable
        set link-down-auth set-unauth
        set mab-reauth disable
        set max-reauth-attempt 0
        set quarantine-vlan enable
        set reauth-period 60
        set tx-period 30
    end
    set qos-drop-policy taildrop
    set qos-red-probability 12
end
config switch lldp settings
    set status enable
    set tx-hold 4
    set tx-interval 30
    set fast-start-interval 2
    set management-interface "internal"
    set management-address ipv4 ipv6
    set device-detection disable
end
config switch lldp profile
    edit "default"
        unset 802.1-tlvs
        unset 802.3-tlvs
        set auto-isl disable
        set auto-isl-hello-timer 3
        set auto-isl-receive-timeout 60
        config med-location-service
            edit "coordinates"
                set status disable
            next
            edit "address-civic"
                set status disable
            next
            edit "elin-number"
                set status disable
            next
        end
        config med-network-policy
            edit "voice"
                set status disable
            next
            edit "voice-signaling"
                set status disable
            next
            edit "guest-voice"
                set status disable
            next
            edit "guest-voice-signaling"
                set status disable
            next
            edit "softphone-voice"
                set status disable
            next
            edit "video-conferencing"
                set status disable
            next
            edit "streaming-video"
                set status disable
            next
            edit "video-signaling"
                set status disable
            next
        end
        set med-tlvs inventory-management network-policy location-identification
    next
    edit "default-auto-isl"
        unset 802.1-tlvs
        unset 802.3-tlvs
        set auto-isl enable
        set auto-isl-hello-timer 3
        set auto-isl-receive-timeout 60
        unset med-tlvs
    next
end
config switch qos qos-policy
    edit "default"
        config cos-queue
            edit "queue-0"
                set description ''
                set max-rate 0
                set weight 1
            next
            edit "queue-1"
                set description ''
                set max-rate 0
                set weight 1
            next
            edit "queue-2"
                set description ''
                set max-rate 0
                set weight 1
            next
            edit "queue-3"
                set description ''
                set max-rate 0
                set weight 1
            next
            edit "queue-4"
                set description ''
                set max-rate 0
                set weight 1
            next
            edit "queue-5"
                set description ''
                set max-rate 0
                set weight 1
            next
            edit "queue-6"
                set description ''
                set max-rate 0
                set weight 1
            next
            edit "queue-7"
                set description ''
                set max-rate 0
                set weight 1
            next
        end
        set rate-by kbps
        set schedule round-robin
    next
end
config switch physical-port
    edit "port1"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port2"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port3"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port4"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port5"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port6"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port7"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port8"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port9"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port10"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port11"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port12"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port13"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port14"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port15"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port16"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port17"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port18"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port19"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port20"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port21"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port22"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
     next
    edit "port23"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port24"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set energy-efficient-ethernet disable
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto
        set status up
        set storm-control-mode global
    next
    edit "port25"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto-module
        set status up
        set storm-control-mode global
    next
    edit "port26"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto-module
        set status up
        set storm-control-mode global
    next
    edit "port27"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto-module
        set status up
        set storm-control-mode global
    next
    edit "port28"
        set cdp-status disable
        set description ''
        set dmi-status global
        set egress-drop-mode enabled
        set flapguard disabled
        set flow-control disable
        set fortilink-p2p disable
        set l2-learning enabled
        set lldp-profile "default-auto-isl"
        set lldp-status tx-rx
        set loopback disable
        set speed auto-module
        set status up
        set storm-control-mode global
    next
    edit "internal"
        set description ''
        set fortilink-p2p disable
        set storm-control-mode disabled
    next
end
config switch interface
    edit "port1"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink disable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 1
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port2"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 2
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port3"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 3
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port4"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 4
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port5"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 5
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port6"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 6
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port7"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 7
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port8"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 8
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port9"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 9
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port10"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 10
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port11"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 11
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port12"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 12
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port13"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 13
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port14"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 14
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port15"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 15
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port16"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 16
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port17"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 17
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port18"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 18
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port19"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 19
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port20"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 20
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port21"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 21
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port22"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 22
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port23"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 23
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port24"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 24
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port25"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 25
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port26"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink disable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 26
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port27"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 27
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "port28"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set dhcp-snooping untrusted
        set dhcp-snoop-learning-limit-check disable
        set dhcp-snoop-option82-trust disable
        set arp-inspection-trust untrusted
        set stp-state enabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink enable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 28
        config port-security
            set port-security-mode none
        end
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set default-cos 0
        set qos-policy "default"
        set learning-limit 0
        set sticky-mac disable
        set log-mac-event disable
        set nac disable
    next
    edit "internal"
        set description ''
        set native-vlan 1
        unset allowed-vlans
        unset untagged-vlans
        set discard-mode none
        set stp-state disabled
        set stp-loop-protection disabled
        set stp-root-guard disabled
        set stp-bpdu-guard disabled
        set loop-guard disabled
        set edge-port enabled
        set rpvst-port disabled
        set auto-discovery-fortilink disable
        set auto-discovery-fortilink-packet-interval 5
        set igmp-snooping-flood-reports disable
        set mcast-snooping-flood-traffic disable
        set packet-sampler disabled
        set sflow-counter-interval 0
        set snmp-index 29
        set trust-dot1p-map ''
        set trust-ip-dscp-map ''
        set nac disable
    next
end
config switch stp settings
    set forward-time 15
    set hello-time 2
    set max-age 20
    set max-hops 20
    set mclag-stp-mac 00:00:00:00:00:00
    set name ''
    set revision 0
    set status enable
end
config switch stp instance
    edit "0"
        set priority 32768
        config stp-port
            edit "port2"
                set cost 0
                set priority 128
            next
            edit "port3"
                set cost 0
                set priority 128
            next
            edit "port4"
                set cost 0
                set priority 128
            next
            edit "port5"
                set cost 0
                set priority 128
            next
            edit "port6"
                set cost 0
                set priority 128
            next
            edit "port7"
                set cost 0
                set priority 128
            next
            edit "port8"
                set cost 0
                set priority 128
            next
            edit "port9"
                set cost 0
                set priority 128
            next
            edit "port10"
                set cost 0
                set priority 128
            next
            edit "port11"
                set cost 0
                set priority 128
            next
            edit "port12"
                set cost 0
                set priority 128
            next
            edit "port13"
                set cost 0
                set priority 128
            next
            edit "port14"
                set cost 0
                set priority 128
            next
            edit "port15"
                set cost 0
                set priority 128
            next
            edit "port16"
                set cost 0
                set priority 128
            next
            edit "port17"
                set cost 0
                set priority 128
            next
            edit "port18"
                set cost 0
                set priority 128
            next
            edit "port19"
                set cost 0
                set priority 128
            next
            edit "port20"
                set cost 0
                set priority 128
            next
            edit "port21"
                set cost 0
                set priority 128
            next
            edit "port22"
                set cost 0
                set priority 128
            next
            edit "port23"
                set cost 0
                set priority 128
            next
            edit "port24"
                set cost 0
                set priority 128
            next
            edit "port25"
                set cost 0
                set priority 128
            next
            edit "port27"
                set cost 0
                set priority 128
            next
            edit "port28"
                set cost 0
                set priority 128
            next
            edit "internal"
                set cost 0
                set priority 128
            next
            edit "port1"
                set cost 0
                set priority 128
            next
            edit "port26"
                set cost 0
                set priority 128
            next
        end
    next
    edit "15"
        set priority 28672
        set vlan-range 4094
    next
end
config switch storm-control
    set broadcast disable
    set burst-size-level 0
    set rate 500
    set unknown-multicast disable
    set unknown-unicast disable
end
config switch acl service custom
    edit "ALL_TCP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 1-65535 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "ALL_UDP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 1-65535 
        unset sctp-portrange
    next
    edit "ALL_ICMP"
        set protocol ICMP
        set comment ''
        set color 0
        set icmptype 0
        set icmpcode 0
    next
    edit "AOL"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 5190-5194 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "BGP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 179 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "DHCP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 67-68 
        unset sctp-portrange
    next
    edit "DNS_TCP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 53 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "DNS_UDP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 53 
        unset sctp-portrange
    next
    edit "FINGER"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 79 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "FTP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 21 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "FTP_GET"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 21 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "FTP_PUT"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 21 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "GOPHER"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 70 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "H323_TCP1"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 1720 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "H323_TCP2"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 1503 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "H323_UDP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 1719 
        unset sctp-portrange
    next
    edit "HTTP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 80 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "HTTPS"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 443 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "IKE"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 500 
        unset sctp-portrange
    next
    edit "IKE2"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 4500 
        unset sctp-portrange
    next
    edit "IMAP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 143 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "IMAPS"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 993 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "Internet-Locator-Service"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 389 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "IRC"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 6660-6669 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "L2TP_TCP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 1701 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "L2TP_UDP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 1701 
        unset sctp-portrange
    next
    edit "LDAP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 389 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "NetMeeting"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 1720 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "NFS_TCP1"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 111 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "NFS_TCP2"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 2049 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "NFS_UDP1"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 111 
        unset sctp-portrange
    next
    edit "NFS_UDP2"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 2049 
        unset sctp-portrange
    next
    edit "NNTP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 119 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "NTP_TCP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        set tcp-portrange 123 
        unset udp-portrange
        unset sctp-portrange
    next
    edit "NTP_UDP"
        set protocol TCP/UDP/SCTP
        set comment ''
        set color 0
        unset tcp-portrange
        set udp-portrange 123 
        unset sctp-portrange
    next
    edit "OSPF"
        set protocol IP
        set comment ''
        set color 0
        set protocol-number 89
    next
    edit "PC-Anywhere_TCP"
        set protocol TCP/UDP/SCTP
        set comment ''