search

jeremmfr / terraform-provider-junos

Terraform provider for Junos devices
https://registry.terraform.io/providers/jeremmfr/junos
MIT License
61 stars 22 forks source link

Add support for Juniper Screen Protection Settings #92

Closed pp82 closed 3 years ago

pp82 commented 3 years ago

Hello, Thank you so much your work excellent work on this provider.

If possible, could we request support for the following juniper screen protection settings. These settings might also be beneficial for other users.

Appreciate you considering this request.

set security zones security-zone externalzone screen external-screen

set security screen ids-option external-screen icmp flood threshold 3000
set security screen ids-option external-screen icmp icmpv6-malformed
set security screen ids-option external-screen icmp ip-sweep threshold 1000
set security screen ids-option external-screen icmp ping-death
set security screen ids-option external-screen ip bad-option
set security screen ids-option external-screen ip ipv6-extension-header-limit 5
set security screen ids-option external-screen ip ipv6-malformed-header
set security screen ids-option external-screen ip security-option
set security screen ids-option external-screen ip source-route-option
set security screen ids-option external-screen ip stream-option
set security screen ids-option external-screen ip strict-source-route-option
set security screen ids-option external-screen ip tear-drop
set security screen ids-option external-screen ip tunnel gre gre-4in4
set security screen ids-option external-screen ip tunnel gre gre-4in6
set security screen ids-option external-screen ip tunnel gre gre-6in4
set security screen ids-option external-screen ip tunnel gre gre-6in6
set security screen ids-option external-screen ip tunnel ip-in-udp teredo
set security screen ids-option external-screen ip tunnel ipip dslite
set security screen ids-option external-screen ip tunnel ipip ipip-4in4
set security screen ids-option external-screen ip tunnel ipip ipip-4in6
set security screen ids-option external-screen ip tunnel ipip ipip-6in4
set security screen ids-option external-screen ip tunnel ipip ipip-6in6
set security screen ids-option external-screen ip tunnel ipip ipip-6over4
set security screen ids-option external-screen ip tunnel ipip ipip-6to4relay
set security screen ids-option external-screen ip tunnel ipip isatap
set security screen ids-option external-screen ip unknown-protocol
set security screen ids-option external-screen limit-session source-ip-based 3000
set security screen ids-option external-screen tcp fin-no-ack
set security screen ids-option external-screen tcp land
set security screen ids-option external-screen tcp port-scan threshold 200
set security screen ids-option external-screen tcp syn-fin
set security screen ids-option external-screen tcp syn-flood alarm-threshold 1500
set security screen ids-option external-screen tcp syn-flood attack-threshold 900
set security screen ids-option external-screen tcp syn-flood destination-threshold 2500
set security screen ids-option external-screen tcp syn-flood source-threshold 200
set security screen ids-option external-screen tcp syn-flood timeout 20
set security screen ids-option external-screen tcp syn-frag
set security screen ids-option external-screen tcp tcp-no-flag
set security screen ids-option external-screen tcp tcp-sweep threshold 200
set security screen ids-option external-screen tcp winnuke
set security screen ids-option external-screen udp flood threshold 1000
set security screen ids-option external-screen udp udp-sweep threshold 200
jeremmfr commented 3 years ago

Yes, it's possible, I'll take care of adding it