问题描述
下午好,
我一直在寻找一种从带有宏的Cisco或Citrix ADC等技术读取配置文件(CFG)的快速方法。到目前为止,我一直使用一堆IF / THEN / ELSE语句来执行此操作,但是我添加的命令越多,宏就越复杂。
让我给您一个有关Citrix配置的示例:
下载配置后,我将获得包含2000条命令的文件,其中的一行如下所示:
set interface 1/1 -throughput 0 -bandwidthHigh 0 -bandwidthnormal 0 -intftype "Intel 8247X" -ifnum 1/1
该特定行根据以下格式配置接口:https://developer-docs.citrix.com/projects/citrix-adc-command-reference/en/latest/network/interface/
add ns ip 100.20.10.204 255.255.255.255 -type VIP -snmp disABLED
要添加服务器:
add server MyTestServer 100.10.10.29
将内容绑定在一起:
bind lb vserver LB_abc_semantic_web_prod vamawaps02p_SVC_web_prod
以此类推。
因此,我可以找到每行的命令库模板,但是问题是每种类型的命令都有一个宏(添加接口,路由,服务器,绑定证书等)和一个大文件。使得几乎无法阅读或理解。
我正在寻找“存储”每个命令模板的方法,因此,与每个命令都没有一个庞大的IF / THEN / ELSE宏相比,我可以拥有一组条件,可以重用并进行比较。
我在考虑类策略,但是我不知道是否可以创建一个像宏一样的宏,在分析了行的开始之后,它会根据条件填充值,然后可以使用Interface.ID进行打印。值(例如)。
我不知道我的情况是否清楚,这是一个完整的配置文件,每一行都有其自己的命令库结构,我只需要一些想法以使阅读效果更好。
#NS12.1 Build 54.16
# Last modified by `save config`,Tue Jan 28 11:04:15 2020
set ns config -IPAddress 11.55.88.8 -netmask 255.255.255.0
set ns config -nsvlan 100 -ifnum 0/1 -tagged NO
enable ns feature WL SP LB CS SSL GSLB AAA REWRITE RESPONDER CH
enable ns mode FR L3 MBF Edge USNIP PMTUD
set system parameter -doppler disABLED
set system user nsroot 15bfe3866d101daffc7b5ee6c6308431c76530e9f828496d6 -encrypted -hashmethod SHA1 -timeout 3600
add system group netscaler.administrators.gp
add system group netscaler.readonly.gp
set RSSkeytype -RSStype asymmetric
set lacp -sysPriority 32768 -mac d2:71:5a:b7:69:99
set ns hostName LAN
set interface 0/1 -throughput 0 -bandwidthHigh 0 -bandwidthnormal 0 -intftype "Xen Virtual" -ifnum 0/1
set interface 10/1 -lacpMode ACTIVE -lacpKey 1 -throughput 0 -bandwidthHigh 0 -bandwidthnormal 0 -intftype "Intel FVL 40G VF" -ifnum LA/1
set interface 10/2 -lacpMode ACTIVE -lacpKey 1 -throughput 0 -bandwidthHigh 0 -bandwidthnormal 0 -intftype "Intel FVL 40G VF" -ifnum LA/1
set interface LO/1 -haMonitor OFF -haHeartbeat OFF -throughput 0 -bandwidthHigh 0 -bandwidthnormal 0 -intftype Loopback -ifnum LO/1
set channel LA/1 -lamac 42:78:a9:ea:a7:39 -throughput 0 -lrMinThroughput 0 -bandwidthHigh 0 -bandwidthnormal 0
add vlan 11 -aliasName Production_Infraestructure
add vlan 12 -aliasName Development
add vlan 13 -aliasName Development
add vlan 30 -aliasName Production_Internet_Banking
add vlan 100 -aliasName Management
add ns ip6 fe80::d071:5aff:feb7:6999/64 -scope link-local -type NSIP -vlan 1 -vServer disABLED -mgmtAccess ENABLED -dynamicRouting ENABLED
add ns ip 11.55.88.8 255.255.255.0 -type NSIP -vServer disABLED -gui SECUREONLY -mgmtAccess ENABLED -dynamicRouting ENABLED
add ns ip 11.55.13.8 255.255.255.0 -vServer disABLED
add ns ip 11.55.12.8 255.255.255.0 -vServer disABLED
add ns ip 11.55.11.8 255.255.255.0 -vServer disABLED
add ns ip 11.55.11.11 255.255.255.0 -vServer disABLED
add ns ip 11.55.11.12 255.255.255.0 -vServer disABLED -telnet disABLED -ftp disABLED -gui disABLED -snmp disABLED -mgmtAccess ENABLED
add ns ip 11.55.30.8 255.255.255.0 -vServer disABLED -mgmtAccess ENABLED
bind vlan 11 -ifnum LA/1 -tagged
bind vlan 11 -IPAddress 11.55.11.8 255.255.255.0
bind vlan 12 -ifnum LA/1 -tagged
bind vlan 12 -IPAddress 11.55.12.8 255.255.255.0
bind vlan 13 -ifnum LA/1 -tagged
bind vlan 13 -IPAddress 11.55.13.8 255.255.255.0
bind vlan 30 -ifnum LA/1 -tagged
set nd6RAvariables -vlan 1
add snmp community netscaler2018 ALL
set snmp alarm CLUSTER-BACKPLANE-HB-MISSING -time 86400
set snmp alarm CLUSTER-NODE-HEALTH -time 86400
set snmp alarm CLUSTER-NODE-QUORUM -time 86400
set snmp alarm CLUSTER-VERSION-MISMATCH -time 86400
set snmp alarm COMPACT-FLASH-ERRORS -time 86400
set snmp alarm HA-BAD-SECONDARY-STATE -time 86400
set snmp alarm HA-NO-HEARTBEATS -time 86400
set snmp alarm HA-SYNC-FAILURE -time 86400
set snmp alarm HA-VERSION-MISMATCH -time 86400
set snmp alarm HARD-disK-DRIVE-ERRORS -time 86400
set snmp alarm PORT-ALLOC-@R_502_4761@ -time 3600
add snmp trap generic 11.55.88.6 -communityName public -allPartitions ENABLED
add snmp trap specific 11.55.88.6 -communityName public -allPartitions ENABLED
bind policy patset ns_vpn_client_useragents AGEE -index 1 -charset ASCII
bind policy patset ns_vpn_client_useragents CitrixReceiver -index 2 -charset ASCII
bind policy patset ns_vpn_client_useragents AGMacclient -index 3 -charset ASCII
bind policy patset ns_vpn_client_useragents "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0" -index 4 -charset ASCII
bind policy patset ns_vpn_client_useragents "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:22.0) Gecko/20100101 Firefox/22.0" -index 5 -charset ASCII
bind policy patset ns_aaa_activesync_useragents Apple-iPhone -index 1 -charset ASCII
bind policy patset ns_aaa_activesync_useragents Apple-iPad -index 2 -charset ASCII
bind policy patset ns_aaa_activesync_useragents SAMSUNG-GT -index 3 -charset ASCII
bind policy patset ns_aaa_activesync_useragents "SAMSUNG GT" -index 4 -charset ASCII
bind policy patset ns_aaa_activesync_useragents AirWatch -index 5 -charset ASCII
bind policy patset ns_aaa_activesync_useragents "TouchDown(msrpc)" -index 6 -charset ASCII
bind policy patset ns_videoopt_quic_abr_sni_whitelist googlevideo.com -index 1
bind policy patset ns_videoopt_quic_abr_sni_whitelist c.youtube.com -index 2
bind policy patset ns_videoopt_quic_abr_sni_blacklist manifest.googlevideo.com -index 1
bind policy patset ns_videoopt_quic_abr_sni_blacklist redirector.googlevideo.com -index 2
set ns encryptionParams -method AES256 -keyvalue 516059cc332175e2a212929cca8f9f3a9fc2b8adc970cad14e948fd25696e830c3728a400ad04441be1a856b5c5bbf2d3c01d8ddc250f5a50c1a1c26472582ab5df533848cad7418ba8a2613707c148d -encrypted -encryptmethod ENCMTHD_3
set ns tcpProfile nstcp_default_profile -nagle ENABLED
set ns httpProfile nshttp_default_profile -dropInvalReqs ENABLED
set cmp parameter -policyType ADVANCED
add server codwc-ibweb01.cosita.asdfi.com 11.55.13.221
add server codwc-ibweb02.cosita.asdfi.com 11.55.13.222
add server codwd-ibweb01.cosita.asdfi.com 11.55.13.201
add server codwd-ibweb02.cosita.asdfi.com 11.55.13.202
add server codwt-ibweb01.cosita.asdfi.com 11.55.13.211
add server codwt-ibweb02.cosita.asdfi.com 11.55.13.212
add server codws-ibweb01.cosita.asdfi.com 11.55.13.231
add server codws-ibweb02.cosita.asdfi.com 11.55.13.232
add server codwp-ibweb01.cosita.asdfi.com 11.55.30.201
add server codwp-ibweb02.cosita.asdfi.com 11.55.30.202
add server COdlx-QUANTUM01_IP 11.55.12.90
add server COdlx-QUANTUM01_FQDN codlx-quantum01.cosita.asdfi.com
add serviceGroup LB-SG-TEST-IB-DEV-WEB-HTTP HTTP -maxClient 0 -maxReq 0 -cip disABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO -monThreshold 10
add serviceGroup LB-SG-TEST-IB-TES-WEB-HTTP HTTP -maxClient 0 -maxReq 0 -cip disABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO -monThreshold 10
add serviceGroup LB-SG-TEST-IB-CER-WEB-HTTP HTTP -maxClient 0 -maxReq 0 -cip disABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO -monThreshold 10
add serviceGroup LB-SG-TEST-IB-PRE-WEB-HTTP HTTP -maxClient 0 -maxReq 0 -cip disABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO -monThreshold 10
add serviceGroup LB-SG-TEST-IB-PRO-WEB-HTTP HTTP -maxClient 0 -maxReq 0 -cip disABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO -monThreshold 10
add serviceGroup LB-SG-TEST-QT-DEVI-FABRIC-HTTP HTTP -maxClient 0 -maxReq 0 -cip disABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO
add serviceGroup LB-SG-TEST-QT-DEVI-FABRIC-HTTPS SSL -maxClient 0 -maxReq 0 -cip disABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP NO
add authentication noAuthAction NO_AUTHN
add ssl certKey ns-server-certificate -cert ns-server.cert -key ns-server.key
add ssl certKey TESTCERT -cert Test.cert -key Test.key -passcrypt a85c31e41e33fc1be824c662652078c179d809c6d9dfa9abfc0836f276dfc237 -encrypted -encryptmethod ENCMTHD_3 -expiryMonitor disABLED
add ssl certKey entrust_Sittadigital -cert ServerCertificate.crt -key Sittadigital.key -expiryMonitor disABLED
add ssl certKey entrust-Root -cert Root.crt
add ssl certKey entrust-IIntermediate -cert Intermediate.crt
link ssl certKey entrust_Sittadigital entrust-IIntermediate
link ssl certKey entrust-IIntermediate entrust-Root
add authentication ldapAction LDAP-PFCTI -serverIP 11.55.11.20 -ldapBase "DC=asdfi,DC=com" -ldapBindDn netscaler@asdfi.com -ldapBindDnPassword 926cc546fc3cf0165dbdb99efe7ea73b6ff9707bcf9832b25c53999b8a2b2e65d9fc836f009818af3e415bf65e31795e -encrypted -encryptmethod ENCMTHD_3 -ldapLoginName sAMAccountName -groupAttrName memberOf -subAttributeName cn
set lb parameter -sessionsThreshold 600000
add lb vserver LB-VS-TEST-IB-DEV-WEB-HTTP HTTP 11.55.13.200 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-IB-TES-WEB-HTTP HTTP 11.55.13.210 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-IB-CER-WEB-HTTP HTTP 11.55.13.220 80 -persistenceType COOKIEINSERT -timeout 0 -cltTimeout 180
add lb vserver LB-VS-TEST-IB-PRE-WEB-HTTP HTTP 11.55.13.230 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-IB-PRO-WEB-HTTP HTTP 11.55.30.200 80 -persistenceType COOKIEINSERT -timeout 0 -cltTimeout 180
add lb vserver LB-VS-TEST-QT-DEVI-FABRIC-HTTP HTTP 11.55.12.80 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-QT-TESI-FABRIC-HTTP HTTP 11.55.12.81 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-QT-DEV-FABRIC-HTTP HTTP 11.55.12.82 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-QT-TES-FABRIC-HTTP HTTP 11.55.12.83 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-QT-CER-FABRIC-HTTP HTTP 11.55.12.84 80 -persistenceType NONE -cltTimeout 180
add lb vserver LB-VS-TEST-QT-PRE-FABRIC-HTTP HTTP 11.55.12.85 80 -persistenceType NONE -cltTimeout 180
set cache parameter -via "NS-CACHE-11.0: 8"
set aaa parameter -maxAAAUsers 4294967295
set ns rpcNode 11.55.88.8 -password aef79d5d5a4b54fb90ff0e13a25c7116980bd9e5e9e17b9924d0939b1ae9ab56f5a881e4d58fbf3ed8834f02aaf21d9b -encrypted -encryptmethod ENCMTHD_3 -srcIP 11.55.88.8
add rewrite action test delete_http_header bpro
add rewrite action RWact_Sitta.urltest.com_PCRC replace HTTP.REQ.URL.PATH_AND_QUERY "\"/PB/pages/administration/pbLoginPage.aspx\""
add rewrite action RWact_Sitta.urltest.com_CR replace HTTP.REQ.URL "\"/PCRC/PB/pages/administration/pbLoginPage.aspx\""
add rewrite policy RWpol_sitta.urltest.com_PCRC "http.REQ.URL.TYPECAST_TEXT_T.CONTAINS(\"pcrc\")" RWact_Sitta.urltest.com_PCRC
add rewrite policy RWpol_sitta.urltest.com_CR "HTTP.REQ.URL.SET_TEXT_MODE(IGnorECASE).CONTAINS(\"/cr\")" RWact_Sitta.urltest.com_CR
bind rewrite policylabel ns_cvpn_v2_url_label ns_cvpn_v2_bypass_url_pol 20000 NEXT
bind cmp global ns_adv_nocmp_xml_ie -priority 8700 -gotoPriorityExpression END -type RES_DEFAULT
bind cmp global ns_adv_nocmp_mozilla_47 -priority 8800 -gotoPriorityExpression END -type RES_DEFAULT
bind cmp global ns_adv_cmp_mscss -priority 8900 -gotoPriorityExpression END -type RES_DEFAULT
bind cmp global ns_adv_cmp_msapp -priority 9000 -gotoPriorityExpression END -type RES_DEFAULT
bind cmp global ns_adv_cmp_content_type -priority 10000 -gotoPriorityExpression END -type RES_DEFAULT
set appflow param -cqaReporting ENABLED -observationPointId 140782858
add responder action ResAct_HTTPtoSSL redirect "\"https://\" + HTTP.REQ.HOSTNAME.HTTP_URL_SAFE + HTTP.REQ.URL.PATH_AND_QUERY.HTTP_URL_SAFE" -responseStatusCode 302
add responder action ResAct_sitta.urltest.com_CR redirect "\"http://\" + HTTP.REQ.HOSTNAME.HTTP_URL_SAFE +\"/PCRC/PB/pages/administration/pbLoginPage.aspx\"" -responseStatusCode 302
add responder policy ResPol_CSH_CapaWEB_Redirect http.REQ.IS_VALID ResAct_HTTPtoSSL
add responder policy ResPol_sitta.urltest.com_cr "HTTP.REQ.URL.SET_TEXT_MODE(IGnorECASE).STARTSWITH(\"/cr\")" ResAct_sitta.urltest.com_CR
add responder policy ResPol_sitta.urltest.com_pcrc "HTTP.REQ.URL.SET_TEXT_MODE(IGnorECASE).ENDSWITH(\"PCRC\")" ResAct_sitta.urltest.com_CR
add responder policy ResPol_sitta.urltest.com "HTTP.REQ.URL.EQ(\"/\")" ResAct_sitta.urltest.com_CR
add cache contentGroup DEFAULT
set cache contentGroup NSFEO -maxResSize 1994752
add cache contentGroup BASEFILE -relExpiry 86000 -weakNegrelExpiry 600 -maxResSize 256 -memLimit 2
add cache contentGroup DELTAJS -relExpiry 86000 -weakNegrelExpiry 600 -insertAge NO -maxResSize 256 -memLimit 1 -pinned YES
add cache contentGroup ctx_cg_poc -relExpiry 86000 -weakNegrelExpiry 600 -insertAge NO -maxResSize 500 -memLimit 256 -pinned YES
add cache policy _nonGetReq -rule "!HTTP.REQ.METHOD.eq(GET)" -action NOCACHE
add cache policy _advancedConditionalReq -rule "HTTP.REQ.HEADER(\"If-Match\").EXISTS || HTTP.REQ.HEADER(\"If-Unmodified-Since\").EXISTS" -action NOCACHE
add cache policy _personalizedReq -rule "HTTP.REQ.HEADER(\"Cookie\").EXISTS || HTTP.REQ.HEADER(\"Authorization\").EXISTS || HTTP.REQ.HEADER(\"Proxy-Authorization\").EXISTS || HTTP.REQ.IS_NTLM_OR_NEGOTIATE" -action MAY_NOCACHE
add cache policy _uncacheableStatusRes -rule "! ((HTTP.RES.STATUS.EQ(200)) || (HTTP.RES.STATUS.EQ(304)) || (HTTP.RES.STATUS.BETWEEN(400,499)) || (HTTP.RES.STATUS.BETWEEN(300,302)) || (HTTP.RES.STATUS.EQ(307))|| (HTTP.RES.STATUS.EQ(203)))" -action NOCACHE
add cache policy _uncacheableCacheControlRes -rule "((HTTP.RES.CACHE_CONTROL.IS_PRIVATE) || (HTTP.RES.CACHE_CONTROL.IS_NO_CACHE) || (HTTP.RES.CACHE_CONTROL.IS_NO_STORE) || (HTTP.RES.CACHE_CONTROL.IS_INVALID))" -action NOCACHE
add cache policy _cacheableCacheControlRes -rule "((HTTP.RES.CACHE_CONTROL.IS_PUBLIC) || (HTTP.RES.CACHE_CONTROL.IS_MAX_AGE) || (HTTP.RES.CACHE_CONTROL.IS_MUST_REVALIDATE) || (HTTP.RES.CACHE_CONTROL.IS_PROXY_REVALIDATE) || (HTTP.RES.CACHE_CONTROL.IS_S_MAXAGE))" -action CACHE -storeInGroup DEFAULT
add cache policy _uncacheablevaryRes -rule "((HTTP.RES.HEADER(\"vary\").EXISTS) && ((HTTP.RES.HEADER(\"vary\").INSTANCE(1).LENGTH > 0) || (!HTTP.RES.HEADER(\"vary\").STRIP_END_WS.SET_TEXT_MODE(IGnorECASE).eq(\"Accept-Encoding\"))))" -action NOCACHE
add cache policy _uncacheablePragmaRes -rule "HTTP.RES.HEADER(\"Pragma\").EXISTS" -action NOCACHE
add cache policy _cacheableExpiryRes -rule "HTTP.RES.HEADER(\"Expires\").EXISTS" -action CACHE -storeInGroup DEFAULT
add cache policy _imageRes -rule "HTTP.RES.HEADER(\"Content-Type\").SET_TEXT_MODE(IGnorECASE).STARTSWITH(\"image/\")" -action CACHE -storeInGroup DEFAULT
add cache policy _personalizedRes -rule "HTTP.RES.HEADER(\"Set-Cookie\").EXISTS || HTTP.RES.HEADER(\"Set-Cookie2\").EXISTS" -action NOCACHE
add cache policy ctx_images -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGnorECASE).CONTAINS_INDEX(\"ctx_file_extensions\").BETWEEN(101,150)" -action CACHE -storeInGroup ctx_cg_poc
add cache policy ctx_web_css -rule "HTTP.REQ.URL.ENDSWITH(\".css\")" -action CACHE -storeInGroup ctx_cg_poc
add cache policy ctx_doc_pdf -rule "HTTP.REQ.URL.ENDSWITH(\".pdf\")" -action CACHE -storeInGroup ctx_cg_poc
add cache policy ctx_web_JavaScript -rule "HTTP.REQ.URL.ENDSWITH(\".js\")" -action CACHE -storeInGroup ctx_cg_poc
add cache policy ctx_web_JavaScript-Res -rule "HTTP.RES.HEADER(\"Content-Type\").CONTAINS(\"application/x-javascript\")" -action CACHE -storeInGroup ctx_cg_poc
add cache policy ctx_NOCACHE_Cleanup -rule TRUE -action NOCACHE
add cache policylabel _reqBuiltinDefaults -evaluates REQ
add cache policylabel _resBuiltinDefaults -evaluates RES
bind cache policylabel _reqBuiltinDefaults -policyName _nonGetReq -priority 100 -gotoPriorityExpression END
bind cache policylabel _reqBuiltinDefaults -policyName _advancedConditionalReq -priority 200 -gotoPriorityExpression END
bind cache policylabel _reqBuiltinDefaults -policyName _personalizedReq -priority 300 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _uncacheableStatusRes -priority 100 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _uncacheablevaryRes -priority 200 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _uncacheableCacheControlRes -priority 300 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _cacheableCacheControlRes -priority 400 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _uncacheablePragmaRes -priority 500 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _cacheableExpiryRes -priority 600 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _imageRes -priority 700 -gotoPriorityExpression END
bind cache policylabel _resBuiltinDefaults -policyName _personalizedRes -priority 800 -gotoPriorityExpression END
bind cache global nopOLICY -priority 185883 -gotoPriorityExpression USE_INVOCATION_RESULT -type REQ_DEFAULT -invoke policylabel _reqBuiltinDefaults
bind cache global nopOLICY -priority 185883 -gotoPriorityExpression USE_INVOCATION_RESULT -type RES_DEFAULT -invoke policylabel _resBuiltinDefaults
bind lb vserver LB-VS-TEST-IB-DEV-WEB-HTTP LB-SG-TEST-IB-DEV-WEB-HTTP
bind lb vserver LB-VS-TEST-IB-TES-WEB-HTTP LB-SG-TEST-IB-TES-WEB-HTTP
bind lb vserver LB-VS-TEST-IB-CER-WEB-HTTP LB-SG-TEST-IB-CER-WEB-HTTP
bind lb vserver LB-VS-TEST-IB-PRE-WEB-HTTP LB-SG-TEST-IB-PRE-WEB-HTTP
bind lb vserver LB-VS-TEST-IB-PRO-WEB-HTTP LB-SG-TEST-IB-PRO-WEB-HTTP
bind lb vserver LB-VS-TEST-QT-DEVI-FABRIC-HTTP LB-SG-TEST-QT-DEVI-FABRIC-HTTP
bind lb vserver LB-VS-TEST-IB-CER-WEB-HTTP -policyName ResPol_sitta.urltest.com_pcrc -priority 90 -gotoPriorityExpression END -type REQUEST
bind lb vserver LB-VS-TEST-IB-CER-WEB-HTTP -policyName ResPol_sitta.urltest.com_cr -priority 100 -gotoPriorityExpression END -type REQUEST
bind lb vserver LB-VS-TEST-IB-CER-WEB-HTTP -policyName ResPol_sitta.urltest.com -priority 110 -gotoPriorityExpression END -type REQUEST
bind lb vserver LB-VS-TEST-IB-PRO-WEB-HTTP -policyName ResPol_sitta.urltest.com_pcrc -priority 90 -gotoPriorityExpression END -type REQUEST
bind lb vserver LB-VS-TEST-IB-PRO-WEB-HTTP -policyName ResPol_sitta.urltest.com_cr -priority 100 -gotoPriorityExpression END -type REQUEST
bind lb vserver LB-VS-TEST-IB-PRO-WEB-HTTP -policyName ResPol_sitta.urltest.com -priority 120 -gotoPriorityExpression END -type REQUEST
add dns nameServer 11.55.11.20 -dnsprofileName default-dns-profile
add dns nameServer 11.47.11.20
add dns nameServer 11.55.11.21
set ns diameter -identity netscaler.com -realm com
set subscriber gxInterface -pcrfRealm pcrf.com -servicePathAVP 262099 -servicePathvendorid 3845
set ns tcpParam -nagle ENABLED
set ns httpParam -dropInvalReqs ON
set ns tcpbufParam -memLimit 256
set dns parameter -dns64Timeout 1000
add dns nsRec . a.root-servers.net -TTL 3600000
add dns nsRec . b.root-servers.net -TTL 3600000
add dns nsRec . c.root-servers.net -TTL 3600000
add dns nsRec . d.root-servers.net -TTL 3600000
add dns nsRec . e.root-servers.net -TTL 3600000
add dns nsRec . f.root-servers.net -TTL 3600000
add dns nsRec . g.root-servers.net -TTL 3600000
add dns nsRec . h.root-servers.net -TTL 3600000
add dns nsRec . i.root-servers.net -TTL 3600000
add dns nsRec . j.root-servers.net -TTL 3600000
add dns nsRec . k.root-servers.net -TTL 3600000
add dns nsRec . l.root-servers.net -TTL 3600000
add dns nsRec . m.root-servers.net -TTL 3600000
add dns addRec k.root-servers.net 193.0.14.129 -TTL 3600000
add dns addRec l.root-servers.net 199.7.83.42 -TTL 3600000
add dns addRec a.root-servers.net 198.41.0.4 -TTL 3600000
add dns addRec b.root-servers.net 192.228.79.201 -TTL 3600000
add dns addRec c.root-servers.net 192.33.4.12 -TTL 3600000
add dns addRec d.root-servers.net 199.7.91.13 -TTL 3600000
add dns addRec m.root-servers.net 202.12.27.33 -TTL 3600000
add dns addRec i.root-servers.net 192.36.148.17 -TTL 3600000
add dns addRec j.root-servers.net 192.58.128.30 -TTL 3600000
add dns addRec g.root-servers.net 192.112.36.4 -TTL 3600000
add dns addRec h.root-servers.net 198.97.190.53 -TTL 3600000
add dns addRec e.root-servers.net 192.203.230.10 -TTL 3600000
add dns addRec f.root-servers.net 192.5.5.241 -TTL 3600000
set lb monitor ping PING -LRTM disABLED
set lb monitor http HTTP -LRTM disABLED
set lb monitor ldns-dns LDNS-DNS -query . -queryType Address
set lb monitor stasecure CITRIX-STA-SERVICE -interval 2 MIN
set lb monitor sta CITRIX-STA-SERVICE -interval 2 MIN
add lb monitor http_ib HTTP -respCode 200 -httpRequest "GET /PCRC/PB/pages/administration/pbLoginPage.aspx" -LRTM disABLED
bind serviceGroup LB-SG-TEST-IB-DEV-WEB-HTTP codwd-ibweb01.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-DEV-WEB-HTTP codwd-ibweb02.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-DEV-WEB-HTTP -monitorName tcp
bind serviceGroup LB-SG-TEST-IB-DEV-WEB-HTTP -monitorName http_ib -weight 10
bind serviceGroup LB-SG-TEST-IB-TES-WEB-HTTP codwt-ibweb01.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-TES-WEB-HTTP codwt-ibweb02.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-TES-WEB-HTTP -monitorName tcp
bind serviceGroup LB-SG-TEST-IB-TES-WEB-HTTP -monitorName http_ib -weight 10
bind serviceGroup LB-SG-TEST-IB-CER-WEB-HTTP codwc-ibweb01.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-CER-WEB-HTTP codwc-ibweb02.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-CER-WEB-HTTP -monitorName tcp
bind serviceGroup LB-SG-TEST-IB-CER-WEB-HTTP -monitorName http_ib -weight 10
bind serviceGroup LB-SG-TEST-IB-PRE-WEB-HTTP codws-ibweb01.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-PRE-WEB-HTTP codws-ibweb02.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-PRE-WEB-HTTP -monitorName tcp
bind serviceGroup LB-SG-TEST-IB-PRE-WEB-HTTP -monitorName http_ib -weight 10
bind serviceGroup LB-SG-TEST-IB-PRO-WEB-HTTP codwp-ibweb01.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-PRO-WEB-HTTP codwp-ibweb02.cosita.asdfi.com 80
bind serviceGroup LB-SG-TEST-IB-PRO-WEB-HTTP -monitorName tcp
bind serviceGroup LB-SG-TEST-IB-PRO-WEB-HTTP -monitorName http_ib -weight 10
bind serviceGroup LB-SG-TEST-QT-DEVI-FABRIC-HTTP COdlx-QUANTUM01_IP 7001
bind serviceGroup LB-SG-TEST-QT-DEVI-FABRIC-HTTP -monitorName ping
bind serviceGroup LB-SG-TEST-QT-DEVI-FABRIC-HTTPS COdlx-QUANTUM01_FQDN 7001
bind serviceGroup LB-SG-TEST-QT-DEVI-FABRIC-HTTPS -monitorName ping
add route 0.0.0.0 0.0.0.0 11.55.88.1
add route 11.55.50.0 255.255.255.0 11.55.11.1
add route 11.47.11.0 255.255.255.0 11.55.11.1
add route 11.47.13.0 255.255.255.0 11.55.13.1
add route 11.47.30.0 255.255.255.0 11.55.30.1
set ssl service nshttps-11.55.30.8-443 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nsrpcs-11.55.30.8-3008 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nshttps-11.55.11.12-443 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nsrpcs-11.55.11.12-3008 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nsrnatsip-127.0.0.1-5061 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nskrpcs-127.0.0.1-3009 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nshttps-::1l-443 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nsrpcs-::1l-3008 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nshttps-127.0.0.1-443 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl service nsrpcs-127.0.0.1-3008 -eRSA ENABLED -sessReuse disABLED -ssl3 disABLED
set ssl serviceGroup LB-SG-TEST-QT-DEVI-FABRIC-HTTPS -ssl3 disABLED
add authentication Policy LDAP-POLICY-MANAGEMENT-GROUP -rule TRUE -action LDAP-PFCTI
set vpn parameter -forceCleanup none -clientConfiguration all
bind audit syslogGlobal -policyName SETSYSLOGParaMS_ADV_POL -priority 2000000000
bind audit nslogGlobal -policyName SETNSLOGParaMS_ADV_POL -priority 2000000000
bind system group netscaler.administrators.gp -policyName superuser 100
bind system group netscaler.readonly.gp -policyName read-only 100
bind tunnel global ns_tunnel_nocmp
bind tunnel global ns_tunnel_msdocs -priority 4000
bind tunnel global ns_tunnel_mimetext -priority 6000
bind system global LDAP-POLICY-MANAGEMENT-GROUP -priority 100 -gotoPriorityExpression NEXT
bind tm global -policyName SETTMSEssparaMS_ADV_POL -priority 65534 -gotoPriorityExpression NEXT
add ns pbr PBR_DNS DENY -srcIP = 11.55.88.8 -destPort = 53 -nextHop 11.55.88.1 -protocol UDP -priority 10 -kernelstate SFAPPLIED61
add ns pbr PBR_DNS1 ALLOW -destIP = 11.55.88.20 -nextHop 11.55.11.1 -priority 11 -kernelstate SFAPPLIED61
add ns pbr PBR_Local DENY -srcIP = 11.55.88.8 -destIP = 11.55.88.1-11.55.88.255 -nextHop 11.55.88.1 -priority 20 -kernelstate SFAPPLIED61
add ns pbr PBR_Management ALLOW -srcIP = 11.55.88.8 -nextHop 11.55.88.1 -priority 30 -kernelstate SFAPPLIED61
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)