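# VyOS configuration in "set" command form (addresses, names and keys are
# masked by the author). Zone-based firewall with three interface zones
# (WAN/eth0, SERVERS/eth1, LAPTOPS/eth2) plus LOCAL, the router itself.
# Ruleset names read SOURCE-DESTINATION, matching the zone-policy bindings
# at the end of the file.

# --- Firewall rulesets ------------------------------------------------------
# Every ruleset shares the same base: default drop with logging, rule 10
# accepts established/related traffic, rule 11 drops and logs invalid state,
# rule 20 accepts ICMP.

# LAPTOPS -> router.
# NOTE(review): only return traffic and ICMP are accepted, so new connections
# from the laptop subnet to services on the router (the DNS forwarder
# configured below) fall through to the default drop. Add a narrow accept for
# the ports actually needed if that is not intended.
set firewall name LAPTOPS-LOCAL default-action 'drop'
set firewall name LAPTOPS-LOCAL enable-default-log
set firewall name LAPTOPS-LOCAL rule 10 action 'accept'
set firewall name LAPTOPS-LOCAL rule 10 state established 'enable'
set firewall name LAPTOPS-LOCAL rule 10 state related 'enable'
set firewall name LAPTOPS-LOCAL rule 11 action 'drop'
set firewall name LAPTOPS-LOCAL rule 11 log 'enable'
set firewall name LAPTOPS-LOCAL rule 11 state invalid 'enable'
set firewall name LAPTOPS-LOCAL rule 20 action 'accept'
set firewall name LAPTOPS-LOCAL rule 20 log 'enable'
set firewall name LAPTOPS-LOCAL rule 20 protocol 'icmp'

# Router -> LAPTOPS.
set firewall name LOCAL-LAPTOPS default-action 'drop'
set firewall name LOCAL-LAPTOPS enable-default-log
set firewall name LOCAL-LAPTOPS rule 10 action 'accept'
set firewall name LOCAL-LAPTOPS rule 10 state established 'enable'
set firewall name LOCAL-LAPTOPS rule 10 state related 'enable'
set firewall name LOCAL-LAPTOPS rule 11 action 'drop'
set firewall name LOCAL-LAPTOPS rule 11 log 'enable'
set firewall name LOCAL-LAPTOPS rule 11 state invalid 'enable'
set firewall name LOCAL-LAPTOPS rule 20 action 'accept'
set firewall name LOCAL-LAPTOPS rule 20 log 'enable'
set firewall name LOCAL-LAPTOPS rule 20 protocol 'icmp'

# Router -> SERVERS.
set firewall name LOCAL-SERVERS default-action 'drop'
set firewall name LOCAL-SERVERS enable-default-log
set firewall name LOCAL-SERVERS rule 10 action 'accept'
set firewall name LOCAL-SERVERS rule 10 state established 'enable'
set firewall name LOCAL-SERVERS rule 10 state related 'enable'
set firewall name LOCAL-SERVERS rule 11 action 'drop'
set firewall name LOCAL-SERVERS rule 11 log 'enable'
set firewall name LOCAL-SERVERS rule 11 state invalid 'enable'
set firewall name LOCAL-SERVERS rule 20 action 'accept'
set firewall name LOCAL-SERVERS rule 20 log 'enable'
set firewall name LOCAL-SERVERS rule 20 protocol 'icmp'

# Router -> WAN.
# NOTE(review): the router may only originate ICMP towards WAN. If the
# upstream DNS name-servers and NTP servers configured below are reached via
# eth0, their queries are new connections and will hit the default drop;
# confirm and add explicit accepts if so.
set firewall name LOCAL-WAN default-action 'drop'
set firewall name LOCAL-WAN enable-default-log
set firewall name LOCAL-WAN rule 10 action 'accept'
set firewall name LOCAL-WAN rule 10 state established 'enable'
set firewall name LOCAL-WAN rule 10 state related 'enable'
set firewall name LOCAL-WAN rule 11 action 'drop'
set firewall name LOCAL-WAN rule 11 log 'enable'
set firewall name LOCAL-WAN rule 11 state invalid 'enable'
set firewall name LOCAL-WAN rule 20 action 'accept'
set firewall name LOCAL-WAN rule 20 log 'enable'
set firewall name LOCAL-WAN rule 20 protocol 'icmp'

# SERVERS -> router. Same caveat as LAPTOPS-LOCAL: no accept for router
# services such as DNS.
set firewall name SERVERS-LOCAL default-action 'drop'
set firewall name SERVERS-LOCAL enable-default-log
set firewall name SERVERS-LOCAL rule 10 action 'accept'
set firewall name SERVERS-LOCAL rule 10 state established 'enable'
set firewall name SERVERS-LOCAL rule 10 state related 'enable'
set firewall name SERVERS-LOCAL rule 11 action 'drop'
set firewall name SERVERS-LOCAL rule 11 log 'enable'
set firewall name SERVERS-LOCAL rule 11 state invalid 'enable'
set firewall name SERVERS-LOCAL rule 20 action 'accept'
set firewall name SERVERS-LOCAL rule 20 log 'enable'
set firewall name SERVERS-LOCAL rule 20 protocol 'icmp'

# WAN -> router. This is the only ruleset exposed to untrusted sources.
set firewall name WAN-LOCAL default-action 'drop'
set firewall name WAN-LOCAL enable-default-log
set firewall name WAN-LOCAL rule 10 action 'accept'
set firewall name WAN-LOCAL rule 10 state established 'enable'
set firewall name WAN-LOCAL rule 10 state related 'enable'
set firewall name WAN-LOCAL rule 11 action 'drop'
set firewall name WAN-LOCAL rule 11 log 'enable'
set firewall name WAN-LOCAL rule 11 state invalid 'enable'
# Rule 20: inbound ICMP is limited to new echo-request (unlike the other
# rulesets, which accept all ICMP types).
set firewall name WAN-LOCAL rule 20 action 'accept'
set firewall name WAN-LOCAL rule 20 icmp type-name 'echo-request'
set firewall name WAN-LOCAL rule 20 protocol 'icmp'
set firewall name WAN-LOCAL rule 20 state new 'enable'
# Rules 30/31: SSH rate limit. Rule 30 drops and logs new TCP/22 connections
# that match the "recent" counter (count 4 per minute); rule 31 accepts the
# remaining new TCP/22 connections. Order matters: 30 must stay before 31.
# NOTE(review): rule 31 has no source restriction, so SSH is reachable from
# any WAN address; consider a source address or group if management networks
# are known.
set firewall name WAN-LOCAL rule 30 action 'drop'
set firewall name WAN-LOCAL rule 30 destination port '22'
set firewall name WAN-LOCAL rule 30 log 'enable'
set firewall name WAN-LOCAL rule 30 protocol 'tcp'
set firewall name WAN-LOCAL rule 30 recent count '4'
set firewall name WAN-LOCAL rule 30 recent time 'minute'
set firewall name WAN-LOCAL rule 30 state new 'enable'
set firewall name WAN-LOCAL rule 31 action 'accept'
set firewall name WAN-LOCAL rule 31 destination port '22'
set firewall name WAN-LOCAL rule 31 protocol 'tcp'
set firewall name WAN-LOCAL rule 31 state new 'enable'

# --- Interfaces -------------------------------------------------------------
set interfaces ethernet eth0 address 'xxx.xxx.41.1/24'
set interfaces ethernet eth0 description 'VLAN1410_WAN'
set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:4b'
set interfaces ethernet eth1 address 'xxx.xxx.50.1/24'
set interfaces ethernet eth1 description 'VLAN1500_SERVERS'
set interfaces ethernet eth1 hw-id 'xx:xx:xx:xx:xx:55'
set interfaces ethernet eth2 address 'xxx.xxx.51.1/24'
set interfaces ethernet eth2 description 'VLAN1510_LAPTOPS'
set interfaces ethernet eth2 hw-id 'xx:xx:xx:xx:xx:5f'
set interfaces loopback lo

# --- Source NAT -------------------------------------------------------------
# Masquerade both internal subnets behind eth0.
# NOTE(review): zone WAN below has no "from SERVERS" / "from LAPTOPS" policy,
# so with default-action 'drop' no transit traffic reaches these rules until
# such policies are added; confirm this is intentional.
set nat source rule 10 outbound-interface 'eth0'
set nat source rule 10 source address 'xxx.xxx.50.0/24'
set nat source rule 10 translation address 'masquerade'
set nat source rule 11 outbound-interface 'eth0'
set nat source rule 11 source address 'xxx.xxx.51.0/24'
set nat source rule 11 translation address 'masquerade'

# --- Routing ----------------------------------------------------------------
set protocols static route xxx.xxx.0.0/0 next-hop xxx.xxx.41.254

# --- DHCP server ------------------------------------------------------------
# One pool per internal subnet; both hand out the router's own interface
# address as default gateway and DNS server.
set service dhcp-server listen-address 'xxx.xxx.50.1'
set service dhcp-server listen-address 'xxx.xxx.51.1'
set service dhcp-server shared-network-name xxxxxx authoritative
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.50.0/24 default-router 'xxx.xxx.50.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.50.0/24 name-server 'xxx.xxx.50.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.50.0/24 range VLAN1500_RANGE start 'xxx.xxx.50.50'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.50.0/24 range VLAN1500_RANGE stop 'xxx.xxx.50.150'
set service dhcp-server shared-network-name xxxxxx authoritative
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.51.0/24 default-router 'xxx.xxx.51.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.51.0/24 name-server 'xxx.xxx.51.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.51.0/24 range VLAN1510_RANGE start 'xxx.xxx.51.50'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.51.0/24 range VLAN1510_RANGE stop 'xxx.xxx.51.150'

# --- DNS forwarding ---------------------------------------------------------
# allow-from restricts the forwarder to the two internal subnets, so it is
# not an open resolver. cache-size '0' means every query goes upstream.
set service dns forwarding allow-from 'xxx.xxx.50.0/24'
set service dns forwarding allow-from 'xxx.xxx.51.0/24'
set service dns forwarding cache-size '0'
# Fixed: the forwarder previously listened on .50.254 / .51.254, which are
# not assigned to any interface in this configuration, while DHCP advertises
# .50.1 / .51.1 as the name server. Listen on the addresses clients are
# actually told to use.
set service dns forwarding listen-address 'xxx.xxx.50.1'
set service dns forwarding listen-address 'xxx.xxx.51.1'
set service dns forwarding name-server 'xxx.xxx.0.61'
set service dns forwarding name-server 'xxx.xxx.0.62'
set service dns forwarding source-address 'xxx.xxx.41.1'

# --- SSH --------------------------------------------------------------------
# SSH is bound to the WAN address only; WAN-LOCAL rules 30/31 and
# dynamic-protection are the brute-force controls in front of it.
# NOTE(review): the login user below has both a password hash and a public
# key, and password logins are not disabled here. Once key login is
# confirmed, consider "set service ssh disable-password-authentication".
set service ssh client-keepalive-interval '30'
set service ssh dynamic-protection block-time '120'
set service ssh dynamic-protection detect-time '1800'
set service ssh listen-address 'xxx.xxx.41.1'
set service ssh port '22'

# --- System -----------------------------------------------------------------
set system config-management commit-revisions '100'
# NOTE(review): each conntrack helper parses application payloads to open
# related flows (accepted by rule 10 in every ruleset). Remove the helpers
# for protocols this network does not use.
set system conntrack modules ftp
set system conntrack modules h323
set system conntrack modules nfs
set system conntrack modules pptp
set system conntrack modules sip
set system conntrack modules sqlnet
set system conntrack modules tftp
set system console device ttyS0 speed '115200'
set system host-name xxxxxx
set system login banner post-login 'banner'
set system login banner pre-login 'banner'
set system login user xxxxxx authentication encrypted-password xxxxxx
set system login user xxxxxx authentication public-keys xxxx@xxx.xxx key xxxxxx
set system login user xxxxxx authentication public-keys xxxx@xxx.xxx type ssh-xxx
set system ntp server xxxxx.tld
set system ntp server xxxxx.tld
set system ntp server xxxxx.tld
# Logs stay on the router only; no remote syslog host is configured here.
set system syslog global facility all level 'info'
set system syslog global facility protocols level 'debug'

# --- Zone policy ------------------------------------------------------------
# Binds the rulesets above to zone pairs. Only pairs involving LOCAL are
# defined; every zone defaults to drop, so LAPTOPS<->SERVERS and
# LAPTOPS/SERVERS<->WAN transit traffic is dropped as written.
set zone-policy zone LAPTOPS default-action 'drop'
set zone-policy zone LAPTOPS description 'VLAN1510_LAPTOPS'
set zone-policy zone LAPTOPS from LOCAL firewall name 'LOCAL-LAPTOPS'
set zone-policy zone LAPTOPS interface 'eth2'
set zone-policy zone LOCAL default-action 'drop'
set zone-policy zone LOCAL description 'LOCALSYSTEM'
set zone-policy zone LOCAL from LAPTOPS firewall name 'LAPTOPS-LOCAL'
set zone-policy zone LOCAL from SERVERS firewall name 'SERVERS-LOCAL'
set zone-policy zone LOCAL from WAN firewall name 'WAN-LOCAL'
set zone-policy zone LOCAL local-zone
set zone-policy zone SERVERS default-action 'drop'
set zone-policy zone SERVERS description 'VLAN1500_SERVERS'
set zone-policy zone SERVERS from LOCAL firewall name 'LOCAL-SERVERS'
set zone-policy zone SERVERS interface 'eth1'
set zone-policy zone WAN default-action 'drop'
set zone-policy zone WAN description 'WAN'
set zone-policy zone WAN from LOCAL firewall name 'LOCAL-WAN'
set zone-policy zone WAN interface 'eth0'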