VERSION {500}
MR { 1 }

#
# ATTRIBUTE SYNTAX DESCRIPTION:
#
# datasource: "<table_gid>,<table_gid>"
#            data are sourced from another table object
#
# parseflag: "attribute1,attribute2,..."
#           hidden        -> dont prompt any hint to user
#           movable       -> make the table entry to be moveable
#           must          -> force check the value no matter if the attribute is changed
#           readonly      -> the command is readonly
#           skip          -> the command is not available
#           unchangable   -> the command is not changeable after set
#           keeporder     -> dont alphabetically sort the children when prompting helpmsg
#           static        -> cannot add or delete entry for the table object
#           resourcequota -> setting checked with the resources, such as disk or memory
#
# VALIDATE:  <type> <level|value>;
#           type could be REGEX|RANGE|IP_ADDRESS|IP_ADDRESS_MASK|ISDOMAIN|HOSTNAME|EMAIL_ADDRESS|
#                              URL|USA_SIN|NO_XSS
#           level could be RELAXED|STRICT|ULTIMATE
#
# fmg_not_sync:
# ha_not_sync:  0 -> sync for ha and haconf (default); sync always
#               1 -> sync for ha only; dont sync if haconf
#               2 -> sync for none; don't sync
#
# condition:  <gid>:<operator>:<value>
#             operator could be eq|ne|lt|le|gt|ge|EQ|NE|LT|LE|GT|GE (capital means AND)
#             extenstion: ba|BA(bit and capital means AND)
#
# filter:  <gid>:<operator>:<arg1>:<arg2>
#            operator could be (capital means AND):
#					eq :  <gid>.value == <arg1>                     => arg1 is value
#					geq :  <gid>.value == <arg1>.value              => arg1 is gid
#					gop :  <gid>.value + <arg2> == <arg1>.value     => arg1 is gid, arg2 is value
# signed_int: signed int
# defaultval: set default value
# subnet_type: network -> with ip correction. ip.saved = ip & mask  (default)
#              host    -> no ip correction. ip must not be ip&mask


# move before system global, because system.global default-certificate need
# use this

# MACRO:           $[a-zA-Z][a-zA-Z0-9_]* macro defined on syntax_macro.c
# PLATFORM_VALUES: @{platform_conds:value;...}
#   platforms lists (sequence defined in include/cfgcommon.h PlatIdx):
#     'FWB_Beg' 'FWB_400B' 'FWB_400C' 'FWB_1000B' 'FWB_1000C' 'FWB_3000C' 'FWB_3000CFSX' 'FWB_4000C' 'FWB_VM'
#		'FWB_End'
#   other platform_conds : 'all' 'debug' 'release' '32b' '64b'
#   platform_conds can also support '&' '|' and '()', like '32b&(FWB_400B-FWB_3000C)' means 32bit build from 400B to 3000C
#   the right platform_conds value will overwrite left platform_conds value
#on GUI, this class's java data is under directory for shared

GLOBAL COMPLEX "system global" "system global configuration" 100 {
	ATTR STRING "hostname" "appliance\'s host name" 101 {
		VALIDATE HOSTNAME RELAXED;
		ha_not_sync = 2;
		brieflist = 1;
		defaultval = "FortiWeb";
	}
	ATTR OPTION_EN "adom-admin" "enable/disable " 102 {
		parseflag = @{all=skip;FWB_VM|FWB_400B|FWB_400C|FWB_1000B|FWB_1000C|FWB_1000D|FWB_3000C|FWB_3000CFSX|FWB_3000D|FWB_3000DFSX|FWB_4000C|FWB_4000D=null};
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "strong-password" "enable/disable Strong Passwords " 103 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "single-admin-mode" "enable/disable single-admin-mode" 104 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR INT "admin-port" "admin access http port <1, 65535>" 105 {
		VALIDATE RANGE 1:65535;
		defaultval = 80;
		brieflist = 1;
	}
	ATTR INT "confsync-port" "config sync service port <1, 65535>" 106 {
		VALIDATE RANGE 1:65535;
		defaultval = 995;
		brieflist = 1;
	}
	ATTR INT "admin-sport" "admin access https port <1, 65535>" 107 {
		VALIDATE RANGE 1:65535;
		defaultval = 443;
		brieflist = 1;
	}
	ATTR OPTION_EN "weak-enc" "policy weak ssl encryption: enable/disable" 108 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "ssl-md5" "policy ssl using MD5 algorithm: enable/disable" 109 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "no-ssl-renegotiation" "SSLv3/TLS1.0 renegotiation" 110 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "cli-signature" "CLI added signature:enable/disable" 111 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "dst" "enable/disable daylight saving time" 112 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "ie6workaround" "enable/disable workaround navigation bar freeze on IE6" 113 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR INT "admintimeout" "Set the idle time-out for firewall administration" 114 {
		defaultval = 5;
		brieflist = 1;
	}
	ATTR INT "refresh" "Statistics refresh interval in Web Interface" 115 {
		VALIDATE RANGE 1:LONG_MAX;
		defaultval = 80;
		brieflist = 1;
	}
	ATTR OPTION "timezone" "time zone" 116 {
		brieflist = 1;
		CHOICES {
			00 == 0 ::: "(GMT-12:00)Eniwetok,Kwajalein";
			01 == 1 ::: "(GMT-11:00)Midway Island, Samoa";
			02 == 2 ::: "(GMT-10:00)Hawaii";
			03 == 3 ::: "(GMT-9:00)Alaska";
			04 == 4 ::: "(GMT-8:00)Pacific Time(US&Canada)";
			05 == 5 ::: "(GMT-7:00)Arizona";
			06 == 6 ::: "(GMT-7:00)Mountain Time(US&Canada)";
			07 == 7 ::: "(GMT-6:00)Central America";
			08 == 8 ::: "(GMT-6:00)Central Time(US&Canada)";
			09 == 9 ::: "(GMT-6:00)Mexico City";
			10 == 10 ::: "(GMT-6:00)Saskatchewan";
			11 == 11 ::: "(GMT-5:00)Bogota,Lima,Quito";
			12 == 12 ::: "(GMT-5:00)Eastern Time(US & Canada)";
			13 == 13 ::: "(GMT-5:00)Indiana(East)";
			14 == 14 ::: "(GMT-4:00)Atlantic Time(Canada)";
			15 == 15 ::: "(GMT-4:00)Caracas,La Paz";
			16 == 16 ::: "(GMT-4:00)Santiago";
			17 == 17 ::: "(GMT-3:30)Newfoundland";
			18 == 18 ::: "(GMT-3:00)Brasilia";
			19 == 19 ::: "(GMT-3:00)Buenos Aires, Georgetown";
			20 == 20 ::: "(GMT-3:00)Greenland";
			21 == 21 ::: "(GMT-2:00)Mid-Atlantic";
			22 == 22 ::: "(GMT-1:00)Azores";
			23 == 23 ::: "(GMT-1:00)Cape Verde Is.";
			24 == 24 ::: "(GMT)Casablanca, Monrouia";
			25 == 25 ::: "(GMT)Greenwich Mean Time: Dublin,Edinburgh,Lisbon,London";
			26 == 26 ::: "(GMT+1:00)Amsterdam,Berlin,Bern,Rome,Stockholm,Vienna";
			27 == 27 ::: "(GMT+1:00)Belgrade,Bratislava,Budapest,Ljubljana,Prague";
			28 == 28 ::: "(GMT+1:00)Brussels,Copenhagen,Madrid,Paris";
			29 == 29 ::: "(GMT+1:00)Rundu,Swakopmund,Walvis Bay,Windhoek";
			30 == 30 ::: "(GMT+1:00)Sarajevo,Skopje,Sofija,Vilnius,Warsaw,Zagreb";
			31 == 31 ::: "(GMT+1:00)West Central Africa";
			32 == 32 ::: "(GMT+2:00)Athens,Istanbul,Minsk";
			33 == 33 ::: "(GMT+2:00)Bucharest";
			34 == 34 ::: "(GMT+2:00)Cairo";
			35 == 35 ::: "(GMT+2:00)Harare,Pretoria";
			36 == 36 ::: "(GMT+2:00)Helsinki,Riga,Tallinn";
			37 == 37 ::: "(GMT+2:00)Jerusalem";
			38 == 38 ::: "(GMT+3:00)Baghdad";
			39 == 39 ::: "(GMT+3:00)Kuwait,Riyadh";
			40 == 40 ::: "(GMT+3:00)Moscow,St.Petersburg,Volgograd";
			41 == 41 ::: "(GMT+3:00)Nairobi";
			42 == 42 ::: "(GMT+3:30)Tehran";
			43 == 43 ::: "(GMT+4:00)Abu Dhabi,Muscat";
			44 == 44 ::: "(GMT+4:00)Baku,Tbilisi,Yerevan";
			45 == 45 ::: "(GMT+4:30)Kabul";
			46 == 46 ::: "(GMT+5:00)Ekaterinburg";
			47 == 47 ::: "(GMT+5:00)Islamabad,Karachi,Tashkent";
			48 == 48 ::: "(GMT+5:30)Calcutta,Chennai,Mumbai,New Delhi";
			49 == 49 ::: "(GMT+5:45)Kathmandu";
			50 == 50 ::: "(GMT+6:00)Astana,Dhaka";
			51 == 51 ::: "(GMT+6:00)Almaty,Novosibirsk";
			52 == 52 ::: "(GMT+6:00)Sri Jayawardenepara";
			53 == 53 ::: "(GMT+6:30)Rangoon";
			54 == 54 ::: "(GMT+7:00)Bangkok,Hanoi,Jakarta";
			55 == 55 ::: "(GMT+7:00)Krasnoyarsk";
			56 == 56 ::: "(GMT+8:00)Beijing,ChongQing,HongKong,Urumgi";
			57 == 57 ::: "(GMT+8:00)Irkutsk,Ulaan Bataar";
			58 == 58 ::: "(GMT+8:00)Kuala Lumpur,Singapore";
			59 == 59 ::: "(GMT+8:00)Perth";
			60 == 60 ::: "(GMT+8:00)Taipei";
			61 == 61 ::: "(GMT+9:00)Osaka,Sapporo,Tokyo,Seoul";
			62 == 62 ::: "(GMT+9:00)Yakutsk";
			63 == 63 ::: "(GMT+9:30)Adelaide";
			64 == 64 ::: "(GMT+9:30)Darwin";
			65 == 65 ::: "(GMT+10:00)Brisbane";
			66 == 66 ::: "(GMT+10:00)Canberra,Melbourne,Sydney";
			67 == 67 ::: "(GMT+10:00)Guam,Port Moresby";
			68 == 68 ::: "(GMT+10:00)Hobart";
			69 == 69 ::: "(GMT+10:00)Vladivostok";
			70 == 70 ::: "(GMT+11:00)Magadan";
			71 == 71 ::: "(GMT+11:00)Solomon Is.,New Caledonia";
			72 == 72 ::: "(GMT+12:00)Auckland,Wellington";
			73 == 73 ::: "(GMT+12:00)Fiji,Kamchatka,Marshall Is.";
			74 == 74 ::: "(GMT+13:00)Nuku\'alofa";
		}
		defaultval=04;
	}
	ATTR STRING "ntpserver" "IP address/hostname of NTP Server" 117 {
		VALIDATE URL RELAXED;
		brieflist = 1;
		defaultval = "pool.ntp.org";
	}
	ATTR OPTION_EN "ntpsync" "enable/disable synchronization with NTP Server" 118 {
		defaultval = enable;
		brieflist = 1;
	}
	ATTR INT "syncinterval" "NTP synchronization interval" 119 {
		VALIDATE RANGE 1:1440;
		defaultval = 60;
		brieflist = 1;
	}
	ATTR OPTION "language" "GUI display language" 120 {
		brieflist = 1;
		defaultval = english;
		CHOICES {
			english == 1 ::: "English";
			simch == 2 ::: "Simplified Chinese";
			japanese == 3 ::: "Japanese";
			korean == 4 ::: "korean";
			spanish == 5 ::: "Spanish";
			trach == 6 ::: "Traditional Chinese";
			french == 7 ::: "French";
		}
	}
	ATTR INT "auth-timeout" "auth timeout (1-60000 milliseconds)" 122 {
		brieflist = 1;
		VALIDATE RANGE 1:60000;
		defaultval = 2000;
	}
}

GLOBAL TABLE "system accprofile" "configure system admin access group" 280 {
	TABLENAME STRING "name" "profile name" 281 {
		VALIDATE NO_XSS RELAXED;
		ATTR OPTION "mntgrp" "Access permission for maintain group policy/profile" 282 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "admingrp" "Access permission for admin group policy/profile" 283 {
			CHOICES {
				none == 0 ::: "no access";
				r == 1 ::: "read access";
				rw == 3 ::: "read/write access";
			}
			defaultval = none;
			brieflist = 1;
		}
		ATTR OPTION "sysgrp" "Access permission for system group policy/profile" 284 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "netgrp" "Access permission for network group policy/profile" 285 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "loggrp" "Access permission for log group policy/profile" 286 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "authusergrp" "Access permission for auth user group policy/profile" 288 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "traroutegrp" "Access permission for traffic route group policy/profile" 289 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "wafgrp" "Access permission for waf group policy/profile" 291 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "learngrp" "Access permission for learn group policy/profile" 292 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "wadgrp" "Access permission for wad group policy/profile" 293 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
		ATTR OPTION "wvsgrp" "Access permission for wvs group policy/profile" 294 {
                        CHOICES {
                                none == 0 ::: "no access";
                                r == 1 ::: "read access";
                                rw == 3 ::: "read/write access";
                        }
                        defaultval = none;
                        brieflist = 1;
                }
	}
}

GLOBAL TABLE "system dashboard" "system dashboard" 330 {
	parseflag = "static";
	TABLENAME STRING "name" "dashboard name" 331 {
		ATTR STRING "help" "dashboard help" 332 {
			
		}
	}
}

GLOBAL TABLE "user ldap-user" "ldap users" 1020 {
	TABLENAME STRING "name" "name" 1021 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR IPADDR "server" "LDAP server" 1022 {
			parseflag = "must";
			brieflist = 1;
			ipversion = 4;
                        subnet_type = host;
		}
		ATTR INT "port" "LDAP server port" 1023 {
			defaultval = 389;
			brieflist = 1;
			VALIDATE RANGE 1:65535;
		}
		ATTR STRING "common-name-id" "common name id" 1024 {
			parseflag = "must";
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR STRING "distinguished-name" "distinguished name" 1025 {
			parseflag = "must";
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR OPTION "bind-type" "bind type" 1026 {
			CHOICES {
				simple == 1;
				regular == 2;
				anonymous == 3;
			}
			defaultval = simple;
			brieflist = 1;
		}
		ATTR OPTION_EN "ssl-connection" "SSL connection" 1027 {
			defaultval = enable;
			brieflist = 1;
		}
		ATTR OPTION "protocol" "" 1028 {
			CHOICES {
				ldaps == 1;
				starttls == 2;
			}
			defaultval = ldaps;
			brieflist = 1;
		}
		ATTR STRING "username" "" 1029 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR PASSWD "password" "" 1030 {
			brieflist = 1;
		}
		ATTR STRING "filter" "" 1031 {
			brieflist = 1;
		}
		ATTR OPTION_EN "group_authentication" "" 1032 {
			defaultval = enable;
			brieflist = 1;
		}
		ATTR OPTION "group_type" "" 1033 {
			CHOICES {
				open-ldap == 1;
				windows-ad == 2;
				edirectory == 3;
			}
			defaultval = open-ldap;
			brieflist = 1;
		}
		ATTR STRING "group_dn" "" 1034 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
	}
}

GLOBAL TABLE "user radius-user" "radius users" 1040 {
	TABLENAME STRING "name" "name" 1041 {
		VALIDATE NO_XSS RELAXED;
		ATTR IPADDR "server" "server" 1042 {
			brieflist = 1;
			ipversion = 4;
			subnet_type = host;
			parseflag = "must";
		}
		ATTR INT "server-port" "server port" 1043 {
			defaultval = 1812;
			VALIDATE RANGE 1:65535;
		}
		ATTR PASSWD "secret" "secret" 1044 {
			VALIDATE NO_XSS RELAXED;
			parseflag = "must";
		}
		ATTR IPADDR "secondary-server" "server" 1045 {
			brieflist = 1;
			ipversion = 4;
			subnet_type = host;
		}
		ATTR INT "secondary-server-port" "secondary server port" 1046 {
			defaultval = 1812;
			VALIDATE RANGE 1:65535;
		}
		ATTR PASSWD "secondary-secret" "secondary secret" 1047 {
			VALIDATE NO_XSS RELAXED;
		}
		ATTR IPADDR "nas-ip" "nas IP" 1048 {
			brieflist = 1;
			ipversion = 4;
			subnet_type = host;
		}
		ATTR OPTION "auth-type" "auth type" 1049 {
			CHOICES {
				default == 0;
				chap == 1;
				ms_chap == 2;
				ms_chap_v2 == 3;
				pap == 4;
			}
			defaultval = default;
		}
	}
}

GLOBAL TABLE "user admin-usergrp" "user admin-usergrp" 1070 {
	TABLENAME STRING "name" "name" 1071 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "members" "members" 1072 {
			parseflag = "movable";
			TABLENAME INT "<No.>" "The number of user admin-usergrp members" 1073 {
				ATTR OPTION "type" "type " 1074 {
					CHOICES {
						ldap == 2 ::: "LDAP user";
						radius == 3 ::: "RADIUS user";
					}
					defaultval = ldap;
					brieflist = 1;
				}
				ATTR DATASOURCE "ldap-name" "ldap user" 1076 {
					brieflist = 1;
					datasource = "1020";
				}
				ATTR DATASOURCE "radius-name" "radius user" 1077 {
					brieflist = 1;
					datasource = "1040";
				}
#				ATTR DATASOURCE "name" "name " 1075 {
#					brieflist = 1;
#					datasource = "1020,1040";
#				}
			}
		}
	}
}


BOTH TABLE "system admin" "admin user configuration" 340 {
	TABLENAME STRING "name" "admin user name" 341 {
		VALIDATE NO_XSS RELAXED;
		parseflag = "keeporder";
		ATTR IPADDR_MASK "trusthost1" "admin user trust host ip, default 0.0.0.0 0.0.0.0 for all" 343 {
			brieflist = 1;
			ipversion = 4;
			subnet_type = host;
		}
		ATTR IPADDR_MASK "trusthost2" "admin user trust host ip, default 0.0.0.0 0.0.0.0 for all" 344 {
			brieflist = 1;
			ipversion = 4;
			subnet_type = host;
		}
		ATTR IPADDR_MASK "trusthost3" "admin user trust host ip, default 0.0.0.0 0.0.0.0 for all" 345 {
			brieflist = 1;
			ipversion = 4;
			subnet_type = host;
		}
		ATTR DATASOURCE "access-profile" "admin user access profile" 346 {
			parseflag = "must";
			brieflist = 1;
			datasource = "280";
		}
		ATTR STRING "last-name" "last name" 347 {
			
		}
		ATTR STRING "first-name" "first name" 348 {
			
		}
		ATTR STRING "email-address" "email address" 349 {
			VALIDATE EMAIL_ADDRESS RELAXED;
		}
		ATTR STRING "phone-number" "phone number" 350 {
			
		}
		ATTR STRING "mobile-number" "mobile number" 351 {
			
		}
		ATTR INT "hidden" "admin user hidden attribute" 352 {
			parseflag = "readonly";
		}
		ATTR DATASOURCE "domains" "virtual domain list" 353 {
			parseflag = "must";
			datasource = "2";
			condition = 102:EQ:1;
		}
		TABLE "dashboard" "set gui custom dashboard" 354 {
			parseflag = "hidden,keeporder";
			TABLENAME DATASOURCE "moduleid" "set custom dashboard module id" 355 {
				datasource = "330";
				ATTR INT "column" "set custom dashboard column id (1-2)" 356 {
					VALIDATE RANGE 1:2;
				}
				ATTR INT "refresh-interval" "set custom dashboard refresh interval (10-1200)" 357 {
					VALIDATE RANGE 10:1200;
					defaultval = 300;
				}
				ATTR INT "top-sessions" "set number of top sessions to display" 358 {
					defaultval = 10;
				}
				ATTR OPTION "sort-by" "set top sessions sort criteria " 359 {
					CHOICES {
						source == 1 ::: "sort top sessions by source address";
						destination == 2 ::: "sort top sessions by destination address";
					}
					defaultval = source;
					brieflist = 1;
				}
				ATTR INT "top-viruses" "set number of top viruses to display" 360 {
					defaultval = 10;
				}
				ATTR INT "top-attacks" "set number of top attacks to display" 361 {
					defaultval = 10;
				}
				ATTR STRING "interface" "traffic history monitored interface" 362 {
					#defaultval = "external";
					brieflist = 1;
				}
				ATTR OPTION "refresh" "traffic history monitored interface" 363 {
					CHOICES {
						enable == 30 ::: "enable automatic refresh";
						disable == 0 ::: "disable automatic refresh";
					}
					defaultval = disable;
				}
				ATTR OPTION "status" "set custom dashboard status" 364 {
					CHOICES {
						close == 0 ::: "close dashboard";
						open == 1 ::: "open dashboard";
					}
					defaultval = open;
					brieflist = 1;
				}
				ATTR OPTION "show-system-restart" "Display system restart on alert message console" 365 {
					CHOICES {
						enable == 0x01 : SET :: "enable display on alert message";
						disable == 0x01 : UNSET :: "disable display on alert message";
					}
					defaultval = disable;
				}
				ATTR OPTION "show-conserve-mode" "Display conserve mode on alert message console" 366 {
					CHOICES {
						enable == 0x010 : SET :: "enable display on alert message";
						disable == 0x010 : UNSET :: "disable display on alert message";
					}
					defaultval = disable;
				}
				ATTR OPTION "show-firmware-change" "Display firmware upgrade/downgrade on alert message console" 367 {
					CHOICES {
						enable == 0x0100 : SET :: "enable display on alert message";
						disable == 0x0100 : UNSET :: "disable display on alert message";
					}
					defaultval = disable;
				}
				ATTR OPTION "show-fortianalyzer-chart" "Display FortiAnalyzer disk usage chart" 368 {
					CHOICES {
						enable == 0x01 : SET :: "enable display on system resources";
						disable == 0x01 : UNSET :: "disable display on system resources";
					}
					defaultval = disable;
				}
				ATTR OPTION "show-fds-chart" "Display FortiGuard log disk usage chart" 369 {
					CHOICES {
						enable == 0x010 : SET :: "enable display on system resources";
						disable == 0x010 : UNSET :: "disable display on system resources";
					}
					defaultval = disable;
				}
			}
		}
		ATTR OPTION "type" "admin user auth type" 370 {
			CHOICES {
				local-user == 0 ::: "local user";
				remote-user == 1 ::: "remote user";
			}
			defaultval = local-user;
		}
		ATTR DATASOURCE "admin-usergrp" "admin user group" 371 {
			datasource = "1070";
			condition = 370:eq:1;
		}
		ATTR PASSWD "password" "admin user password" 342 {
			defaultval = "ENC XXUp2ozpdysrQ";
			admin_passwd = 1;
			condition = 370:eq:0;
		}
		ATTR IPADDR_MASK "ip6trusthost1" "admin user trust host ip, default ::/0 for all" 372 {
			brieflist = 1;
			ipversion = 6;
			subnet_type = host;
		}
		ATTR IPADDR_MASK "ip6trusthost2" "admin user trust host ip, default ::/0 for all" 373 {
			brieflist = 1;
			ipversion = 6;
			subnet_type = host;
		}
		ATTR IPADDR_MASK "ip6trusthost3" "admin user trust host ip, default ::/0 for all" 374 {
			brieflist = 1;
			ipversion = 6;
			subnet_type = host;
		}
	}
}

GLOBAL COMPLEX "system advanced" "system advanced configuration" 220 {
	ATTR OPTION_EN "share-ip" "shared ip" 221 {
		defaultval = disable;
	}
	ATTR OPTION_EN "circulate-url-decode" "circulate url decode" 222 {
		defaultval = disable;
	}
	ATTR OPTION_EN "disable-client-side-ssl-negotiations" "disable client side ssl negotiations" 224 {
		defaultval = enable;
	}
	ATTR OPTION_EN "prioritize-rc4-cipher-suite" "prioritize RC4 cipher suite" 225 {
		defaultval = enable;
	}
	ATTR OPTION "max-http-header-length" "max HTTP header length for parse" 226 {
		CHOICES{
			8k-cache == 8192;
			12k-cache == 12288;
		}
		defaultval = 8k-cache;
	}
	ATTR OPTION "max-http-argbuf-length" "max HTTP argument buffer length" 227 {
		CHOICES{
			8k-cache == 8192;
			16k-cache == 16384;
			32k-cache == 32768;
			64k-cache == 65536;
		}
		defaultval = 8k-cache;
	}
	ATTR INT "max-cache-size" "max cache size(kB)" 230 {
		brieflist = 1;
		VALIDATE RANGE 32:1024;
		defaultval = 64;
	}
	ATTR OPTION "upfile-count" "uploaded file number limit: 8/16" 231 {
		CHOICES{
			8 == 8;
                        16 == 16;
		}
		defaultval = 8;
	}
	ATTR INT "max-dos-alert-interval" "max dos alert interval" 232 {
		brieflist = 1;
		defaultval = 180;
		VALIDATE RANGE 0:3600;
	}
	ATTR INT "max-dlp-cache-size" "max dlp cache size" 233 {
		brieflist = 1;
		defaultval = 12;
		VALIDATE RANGE 1:100;
	}
}

GLOBAL COMPLEX "system console" "console configuration" 830 {
	ATTR OPTION "mode" "mode" 831 {
		CHOICES {
			line  == 1  ::: "line mode";
			batch   == 2  ::: "batch mode";
		}
		defaultval = line;
		brieflist = 1;
	}
	ATTR OPTION "baudrate" "baudrate" 832 {
		CHOICES {
			9600  == 9600;
			19200  == 19200;
			38400  == 38400;
			57600  == 57600;
			115200  == 115200;
		}
		defaultval = 9600;
		brieflist = 1;
	}
	ATTR OPTION "output" "output" 833 {
		CHOICES {
			standard  == 0  ::: "standard output";
			more   == 1  ::: "more page output";
		}
		defaultval = standard;
		brieflist = 1;
	}
	ATTR OPTION "shell" "console shell" 834 {
		CHOICES {
			cli  == 0  ::: "cli shell";
			sh   == 1  ::: "busybox shell";
		}
		defaultval = cli;
		brieflist = 1;
	}
}

GLOBAL COMPLEX "system raid" "raid" 840 {
	parseflag = @{all=null;FWB_400B|FWB_400C|FWB_VM=skip};
	ATTR OPTION "level" "RAID level" 841 {
		CHOICES {
#			invalid == 0  ::: "invalid";
#			linear  == 1  ::: "linear";
#			spare   == 2  ::: "spare";
#			raid0   == 3  ::: "raid0";
			raid1   == 4  ::: "raid1";
#			raid1s  == 5  ::: "raid1s";
#			raid5   == 6  ::: "raid5";
#			raid5s  == 7  ::: "raid5s";
#			raid10  == 8  ::: "raid10";
#			raid10s == 9  ::: "raid10s";
#			raid50  == 10 ::: "raid50";
#			raid50s == 11 ::: "raid50s";
		}
		brieflist = 1;
	}
}

GLOBAL COMPLEX "system ip-detection" "ip detection" 850 {
	ATTR OPTION "share-ip-detection-level" "detection level for share IP" 851 {
		CHOICES {
			low == 1 ::: "Low level";
			medium == 2 ::: "Medium level";
			high == 3 ::: "High level";
		}
		defaultval = low;
		brieflist = 1;
	}
}

GLOBAL COMPLEX "system autoupdate override" "system autoupdate override" 730 {
	ha_not_sync = 2;
	ATTR OPTION_EN "status" "enable/disable FDS server override" 731 {
		defaultval = disable;
	}
	ATTR STRING "address" "set the FDS override server address" 732 {
	}
	ATTR OPTION_EN "fail-over" "enable/disable FDS server fail over" 733 {
		defaultval = enable;
	}
}

GLOBAL COMPLEX "system autoupdate schedule" "system autoupdate schedule" 740 {
	parseflag = "keeporder";
	ha_not_sync = 2;
	ATTR OPTION_EN "status" "enable/disable scheduled updates" 741 {
	}
	ATTR OPTION "frequency" "configure the update frequency" 742 {
		CHOICES {
			every == 0 ::: "time interval";
			daily == 1 ::: "every day";
			weekly == 2 ::: "every week";
		}
		defaultval = every;
	}
	ATTR USER "time" "configure the update time" 743 {
		#parseflag = "must";
	}
	ATTR OPTION"day" "configure the update day" 744 {
		CHOICES {
			Sunday 	  == 0 ::: "update every Sunday";
			Monday	  == 1 ::: "update every Monday";
			Tuesday   == 2 ::: "update every Tuesday";
			Wednesday == 3 ::: "update every Wednesday";
			Thursday  == 4 ::: "update every Thursday";
			Friday    == 5 ::: "update every Friday";
			Saturday  == 6 ::: "update every Saturday";
		}
		defaultval = Monday;
		condition = 742:eq:2;
	}
}

GLOBAL COMPLEX "system autoupdate tunneling" "system autoupdate tunneling" 750 {
	ha_not_sync = 2;
	ATTR OPTION_EN "status" "enable/disable web proxy tunneling" 751 {
		brieflist = 1;
	}
	ATTR STRING "address" "configure the web proxy ip address or fqdn" 752 {
		brieflist = 1;
	}
	ATTR INT "port" "configure the web proxy port" 753 {
		VALIDATE RANGE 0:65535;
		brieflist = 1;
	}
	ATTR STRING "username" "configure the web proxy username" 754 {
		brieflist = 1;
	}
	ATTR PASSWD "password" "configure the web proxy password" 755 {
		brieflist = 1;
	}
}


GLOBAL COMPLEX "system fail-open" "system Fail Open" 540 {
#	parseflag = @{all=skip;FWB_1000C|FWB_1000D|FWB_3000C|FWB_3000CFSX|FWB_4000C|FWB_3000D|FWB_4000D|FWB_3000DFSX=null};
#	ATTR OPTION "type" "Fail Open type" 541 {
#		CHOICES {
#			poweroff-bypass == 0 ::: "Poweroff Bypass";
#			poweroff-cutoff == 1 ::: "Poweroff Cutoff";
#		}
#		defaultval = poweroff-bypass;
#		brieflist = 1;
#	}
#	ATTR OPTION "fiber-type" "Fail Open fiber type" 542 {
#		CHOICES {
#			poweroff-fiber-bypass == 4 ::: "Poweroff Fiber Byass";
#			poweroff-fiber-cutoff == 5 ::: "Poweroff Fiber Cutoff";
#		}
#		defaultval = poweroff-fiber-bypass;
#		brieflist = 1;
#		parseflag = @{all=skip;FWB_3000CFSX|FWB_4000C=null};
#	}
	ATTR OPTION "port1-port2" "port1 to port2" 543 {
		CHOICES {
			poweroff-cutoff == 0 ::: "Poweroff Cutoff";
			poweroff-bypass == 1 ::: "Poweroff Bypass";
		}
		defaultval = poweroff-cutoff;
		brieflist = 1;
#		parseflag = @{all=skip};
	}
	ATTR OPTION "port3-port4" "port3 to port4" 544 {
                CHOICES {
                        poweroff-cutoff == 0 ::: "Poweroff Cutoff";
                        poweroff-bypass == 1 ::: "Poweroff Bypass";
                }
                defaultval = poweroff-cutoff;
                brieflist = 1;
#                parseflag = @{all=skip;FWB_1000C|FWB_1000D=null};
        }
	ATTR OPTION "port5-port6" "port5 to port6" 545 {
                CHOICES {
                        poweroff-cutoff == 0 ::: "Poweroff Cutoff";
                        poweroff-bypass == 1 ::: "Poweroff Bypass";
                }
                defaultval = poweroff-cutoff;
                brieflist = 1;
#                parseflag = @{all=skip;FWB_1000D|FWB_3000C|FWB_3000CFSX|FWB_4000C|FWB_3000D|FWB_3000DFSX|FWB_4000D=null};
        }
	ATTR OPTION "port7-port8" "port7 to port8" 546 {
                CHOICES {
                        poweroff-cutoff == 0 ::: "Poweroff Cutoff";
                        poweroff-bypass == 1 ::: "Poweroff Bypass";
                }
                defaultval = poweroff-cutoff;
                brieflist = 1;
#                parseflag = @{all=skip;FWB_3000CFSX|FWB_4000C|FWB_4000D=null};
        }
	ATTR OPTION "port9-port10" "port9 to port10" 547 {
                CHOICES {
                        poweroff-cutoff == 0 ::: "Poweroff Cutoff";
                        poweroff-bypass == 1 ::: "Poweroff Bypass";
                }
                defaultval = poweroff-cutoff;
                brieflist = 1;
#                parseflag = @{all=skip;FWB_3000D|FWB_3000DFSX=null};
        }
	ATTR OPTION "port11-port12" "port11 to port12" 548 {
                CHOICES {
                        poweroff-cutoff == 0 ::: "Poweroff Cutoff";
                        poweroff-bypass == 1 ::: "Poweroff Bypass";
                }
                defaultval = poweroff-cutoff;
                brieflist = 1;
#                parseflag = @{all=skip;FWB_4000D=null};
        }
}

GLOBAL COMPLEX "system network-option" "network option" 980 {
	ATTR OPTION_EN "tcp-timestamp" "enable/disable" 981 {
		defaultval = enable;
	}
	ATTR OPTION_EN "tcp-tw-recycle" "enable/disable" 982 {
		defaultval = enable;
	}
	ATTR OPTION "tcp-buffer" "tcp buffer" 985 {
		CHOICES{
			default == 0 ::: "Default";
			high == 1 ::: "High";
			max == 2 ::: "Max";
		}
		defaultval = default; 
		brieflist = 1;
	}
}

GLOBAL TABLE "user local-user" "local users" 1000 {
	TABLENAME STRING "name" "name" 1001 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR STRING "username" "user name" 1002 {
			VALIDATE NO_XSS RELAXED;
			parseflag = "must";
			brieflist = 1;
		}
		ATTR PASSWD "password" "user password" 1003 {
		}
	}
}

GLOBAL TABLE "system interface" "interface configuration" 440 {
	TABLENAME STRING "name" "interface name" 441 {
		#VALIDATE REGEX "^[^ %]*$";
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "interface type" 442 {
			#parseflag = "unchangable";
			CHOICES {
				physical == 0; # skiped by default
				vlan == 1;
				aggregate == 2; 
				#loopback == 6; # skiped by default
			}
			defaultval = vlan;
			brieflist = 1;
		}
		ATTR IPADDR_MASK "ip" "ip address of interface" 443 {
			brieflist = 1;
			#condition = 3:EQ:0;
			ipversion = 4;
			subnet_type = host;
		}
		ATTR IPADDR_MASK "ip6" "ipv6 address of interface" 444 {
			brieflist = 1;
			#condition = 3:EQ:0;
			#condition = 1349:EQ:0;
			#condition = 442:NE:2;
			ipversion = 6;
			subnet_type = host;
			#parseflag = "hidden";
		}
		ATTR OPTION "allowaccess" "Allow access with the interface" 445 {
			multi_opt = 1;
			brieflist = 1;
			CHOICES {
				https == 32: SET;
				ping == 1: SET;
				ssh == 4: SET;
				snmp == 8: SET;
				http == 16: SET;
				telnet == 2: SET;
			}
			brieflist = 1;
			condition = 442:EQ:0;
			condition = 442:NE:2;
		}
		ATTR OPTION "status" "interface status" 453 {
			ha_not_sync = 2;
			CHOICES {
				up == 16 ::: "interface up";
				down == 0 ::: "interface down";
			}
			defaultval = up;
			brieflist = 1;
		}
		ATTR OPTION "mode" "addressing mode" 452 {
			CHOICES {
				static == 0 ::: "static setting";
			}
			brieflist = 1;
			condition = 442:NE:2;
		}
		ATTR INT "vlanid" "vlan ID" 446 {
			VALIDATE RANGE 1:4094;
			condition = 442:EQ:1;
			condition = 442:NE:2;
			brieflist = 1;
		}
		ATTR DATASOURCE "interface" "interface name" 447 {
			datasource = "440";
			condition = 442:EQ:1;
			condition = 442:NE:2;
			brieflist = 1;
		}
		ATTR STRING "description" "description of interface" 448 {
			brieflist = 1;	
			condition = 442:NE:2;
		}
		ATTR OPTION "lacp-speed" "LACP speed" 454 {
			CHOICES {
				slow == 0 ::: "slow";
				fast == 1 ::: "fast";
			}
			defaultval = slow;
			brieflist = 1;
			condition = 442:eq:2;
		}
		ATTR OPTION "algorithm" "fram distribution algorithm" 455 {
			CHOICES {
				layer2 == 0 ::: "layer2";
				layer3_4 == 1 ::: "layer3_4";
				layer2_3 == 2 ::: "layer2_3";
			}
			defaultval = layer2;
			brieflist = 1;
			condition = 442:eq:2;
		}
                ATTR DATASOURCE "intf" "aggregate intf member" 456 {
                        datasource = "440";
                        brieflist = 1;
			condition = 442:eq:2;
                }
		ATTR STRING "modename" "bonding mode name" 457 {
			parseflag = "readonly";
			brieflist = 1;	
			condition = 442:eq:2;
		}
		TABLE "secondaryip" "second ip configuration" 449 {
			TABLENAME INT "<No.>" "The number of the second ip" 450 {
				ATTR IPADDR_MASK "ip" "ip address" 451 {
					brieflist = 1;
					#condition = 3:EQ:0;
					subnet_type = host;
				}
			}
		}
		ATTR OPTION "ip6-allowaccess" "Allow access with the interface" 458 {
			multi_opt = 1;
			brieflist = 1;
			CHOICES {
				https == 32: SET;
				ping == 1: SET;
				ssh == 4: SET;
				snmp == 8: SET;
				http == 16: SET;
				telnet == 2: SET;
			}
			brieflist = 1;
			condition = 442:EQ:0;
			condition = 442:NE:2;
		}
		ATTR DATASOURCE "adom" "virtual domain name" 459 {
			datasource = "2";
			condition = 102:EQ:1;
		}
	}
}

GLOBAL COMPLEX "system ha" "system ha" 550 {
#	parseflag = @{all=null;FWB_VM=skip};
	ATTR OPTION "mode" "mode" 551 {
		CHOICES {
			active-passive == 1 ::: "active-passive mode";
			standalone  == 0 ::: "standalone mode";
		}
		defaultval = standalone;
		ha_not_sync = 2;
	}
	ATTR INT "group-id" "group id, range 0-63" 552 {
		VALIDATE RANGE 0:63;
#		parseflag = "must";
		ha_not_sync = 2;
		condition = 551:eq:1;
	}
	ATTR STRING "group-name" "group name" 553 {
		condition = 551:eq:1;
	}
	ATTR INT "priority" "priority value, range 0-9" 554 {
		VALIDATE RANGE 0:9;
		defaultval = 5;
		ha_not_sync = 2;
		condition = 551:eq:1;
	}
	ATTR OPTION_EN "override" "master HA unit overriding" 555 {
		defaultval = disable;
		condition = 551:eq:1;
	}
	ATTR DATASOURCE "hbdev" "heartbeat interfaces" 556 {
		parseflag = "must";
		datasource = "440";
		condition = 551:eq:1;
		filter = 442:eq:0;
	}
	ATTR DATASOURCE "hbdev-backup" "backup heartbeat interfaces" 557 {
		datasource = "440";
		condition = 551:eq:1;
		filter = 442:eq:0;
	}
	ATTR INT "boot-time" "boot time for Heartbeat, rang 1-100 (s)" 558 {
		VALIDATE RANGE 1:100;
		defaultval = 30;
		condition = 551:eq:1;
	}
	ATTR INT "hb-interval" "detect master is alive interval, range 1-20 (100ms)" 559 {
		VALIDATE RANGE 1:20;
		defaultval = 3;
		condition = 551:eq:1;
	}
	ATTR INT "hb-lost-threshold" "heartbeat threshold for failed, range 1-60 (s)" 560 {
		VALIDATE RANGE 1:60;
		defaultval = 3;
		condition = 551:eq:1;
	}
	ATTR INT "arps" "ARP gradituations, range 1-16" 561 {
		VALIDATE RANGE 1:16;
		defaultval = 3;
		condition = 551:eq:1;
	}
	ATTR INT "arp-interval" "APR interval, range 1-20" 562 {
		VALIDATE RANGE 1:20;
		defaultval = 1;
		condition = 551:eq:1;
	}
	ATTR DATASOURCE "monitor" "interfaces to monitor" 563 {
		multi_attr = int;
		brieflist = 1;
		datasource = "440";
		condition = 551:eq:1;
	}
}

GLOBAL COMPLEX "system settings" "system settings" 490 {
	ATTR OPTION "opmode" "operation mode" 491 {
		CHOICES {
				reverse-proxy == 2;
				offline-protection == 4;
				transparent == 1;
				transparent-inspection == 8;
			}
		defaultval = reverse-proxy;
	}
	ATTR IPADDR "gateway" "default gateway ip address" 492 {
		brieflist = 1;
		ipversion = 4;
		subnet_type = host;
		condition = 491:eq:1;
		condition = 491:eq:8;
	}
	ATTR OPTION_EN "stop-monitor" "enable/disable policy monitor" 493 {
		defaultval = enable;
		brieflist = 1;
	}
	ATTR OPTION_EN "stop-guimonitor" "enable/disable GUI monitor" 494 {
		defaultval = disable;
		brieflist = 1;
	}
	ATTR OPTION_EN "enable-file-upload" "enable/disable GUI file upload" 495 {
		defaultval = disable;
		brieflist = 1;
	}
}

GLOBAL TABLE "system v-zone" "v-zone settings" 600 {
        TABLENAME STRING "name" "v-zone name" 601 {
                VALIDATE NO_XSS RELAXED;
                brieflist = 1;
                ATTR IPADDR_MASK "ip" "IP address of v-zone" 602 {
                        brieflist = 1;
                        ipversion = 4;
                        subnet_type = host;
                }
                ATTR INT "flag" "flag" 605 {
                        brieflist = 1;
                        parseflag = "hidden,readonly";
                }
                ATTR DATASOURCE "interfaces" "v-zone member" 603 {
                        datasource = "440";
                        brieflist = 1;
                }
        }
}

GLOBAL COMPLEX "system conf-sync" "system configuration synchronization" 610 {
	ATTR IPADDR "ip" "IP address of counterpart FortiWEB" 611 {
		brieflist = 1;
		ipversion = 4;
		subnet_type = host;
	}
	ATTR PASSWD "password" "admin password of the counterpart FortiWEB" 612 {
		defaultval = "$5$1231212121212$NxpTvbDA4tzyHD/2Wrvg1oWqVbcnI3q8.s7l/HEyuO/";
		brieflist = 1;
	}
	ATTR OPTION "sync-type" "config sync type" 613 {
		CHOICES {
			partial-sync == 1;
			full-sync == 2;
		}
		defaultval = partial-sync;
		brieflist = 1;
	}
	ATTR INT "server-port" "config sync server port" 614 {
		defaultval = 995;
		VALIDATE RANGE 1:65535;
		brieflist = 1;
	}
}

GLOBAL TABLE "system backup" "system ftp backup" 810 {
	TABLENAME STRING "name" "backup name" 811 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "config-type" "config type" 812 {
			CHOICES {
				full-config == 0 ::: "full config";
				cli-config == 1 ::: "cli config";
				waf-config == 2 ::: "waf config";
			}
			defaultval = cli-config;
			brieflist = 1;
		}
		ATTR OPTION "schedule_type" "schedule type" 813 {
			CHOICES {
				now == 0 ::: "now";
				days == 1 ::: "Specific days of the week";
			}
			defaultval = now;
			brieflist = 1;
		}
		ATTR OPTION "schedule_days" "specify days of the week to run reports" 814 {
			CHOICES {
				sun == 1 : SET :: "Sunday";
				mon == 2 : SET :: "Monday";
				tue == 4 : SET :: "Tuesday";
				wed == 8 : SET :: "Wednesday";
				thu == 16 : SET :: "Thursday";
				fri == 32 : SET :: "Friday";
				sat == 64 : SET :: "Saturday";
			}
#			condition = 813:eq:1; 
			multi_opt = 1;
			brieflist = 1;
		}
		ATTR USER "schedule_time" "specify time of the day to run reports <hh:mm>" 815 {
#			condition = 813:eq:1;
			brieflist = 1;
		}
		ATTR STRING "ftp-server" "ftp server" 816 {
			VALIDATE HOSTNAME RELAXED;
			brieflist = 1;
			parseflag = "must";
		}
		ATTR STRING "ftp-dir" "ftp dir" 817 {
			brieflist = 1;
			parseflag = "must";
		}
		ATTR OPTION_EN "ftp-auth" "ftp auth" 818 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR STRING "ftp-user" "ftp user" 819 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
#			parseflag = "must";
#			condition = 818:eq:1;
		}
		ATTR PASSWD "ftp-passwd" "ftp passwd" 820 {
			brieflist = 1;
#			parseflag = "must";
#			condition = 818:eq:1;
		}
		ATTR OPTION "protocol-type" "protocol type" 821 {
			CHOICES {
				ftp == 0 ::: "ftp backup";
				sftp == 1 ::: "sftp backup";
			}
			defaultval = ftp;
			brieflist = 1;
		}
		ATTR OPTION_EN "encryption" "use encrypt" 822 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR PASSWD "encryption-passwd" "encrypt password" 823 {
			brieflist = 1;
		}
	}
}

GLOBAL TABLE "system certificate local" "local certificate file" 870 {
	TABLENAME STRING "name" "certificate name" 871 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "certificate type" 872 {
			CHOICES {
				certificate == 1;
				csr == 2;
			}
			defaultval = certificate;
			brieflist = 1;
		}
		ATTR OPTION "status" "certificate status" 873 {
			CHOICES {
					ok == 1;
					na == 2;
					pending == 3;
			}
			defaultval = ok;
			brieflist = 1;
		}
		ATTR PASSWD "password" "certificate password" 874 {
			brieflist = 1;
		}
		ATTR STRING "comment" "comment of this certificate" 875 {
			brieflist = 1;
		}
		ATTR INT "flag" "flag of this certificate" 876 {
		}
	}
}

GLOBAL TABLE "system certificate remote" "remote certificate file" 880 {
	TABLENAME STRING "name" "certificate name" 881 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR STRING "ocsp_url" "ocsp URL" 882 {
			VALIDATE URL RELAXED;
			brieflist = 1;
		}
		ATTR STRING "comment" "comment of this certificate" 883 {
			brieflist = 1;
		}
	}
}

GLOBAL COMPLEX "system dns" "Domain Name Server" 620 {
	ATTR IPADDR "primary" "Primary DNS" 621 {
		defaultval = "8.8.8.8";
	}
	ATTR IPADDR "secondary" "Secondary DNS" 622 {
		defaultval = "0.0.0.0";
	}
	ATTR STRING "domain" "local domain name" 623 {
		brieflist = 1;
	}
}

GLOBAL COMPLEX "system snmp sysinfo" "snmp system info configuration" 630 {
	ATTR OPTION_EN "status" "enable/disable" 631 {
		defaultval = disable;
	}
	ATTR STRING "description" "description" 632 {
		VALIDATE NO_XSS RELAXED;
	}
	ATTR STRING "contact-info" "contact information" 633 {
		VALIDATE NO_XSS RELAXED;
	}
	ATTR STRING "location" "location" 634 {
		VALIDATE NO_XSS RELAXED;
	}
}

GLOBAL TABLE "system snmp community" "snmp community configuration" 650{
	TABLENAME INT "<No.>" "The number of community" 651 {
		ATTR STRING "name" "community name" 652 {
			VALIDATE NO_XSS RELAXED;
			parseflag = "must";
		}
		ATTR OPTION_EN "status" "enable/disable" 653 {
			defaultval = enable;
		}
		TABLE "hosts" "allow hosts configuration" 654 {
			TABLENAME INT "id" "host entry id" 655{	
				ATTR IPADDR "ip" "Class A,B,C ip xxx.xxx.xxx.xxx" 656 {
#parseflag = "must";
				        defaultval = "0.0.0.0";
				        ipversion = 4;
				        subnet_type = host;
				        brieflist = 1;
				}	
				ATTR DATASOURCE "interface" "allow interface name" 657 {
					datasource = "440";
				}
			}	
		}
		ATTR OPTION_EN "query-v1-status" "enable/disable snmp v1 query" 658 {
			defaultval = enable;
		}
		ATTR INT "query-v1-port" "snmp v1 query port" 659 {
                        VALIDATE RANGE 1:65535;
                        brieflist = 1;
                        defaultval = 161;
                }
		ATTR OPTION_EN "query-v2c-status" "enable/disable snmp v2c query" 660 {
			defaultval = enable;
		}
		ATTR INT "query-v2c-port" "snmp v2c query port" 661 {
                        VALIDATE RANGE 1:65535;
                        brieflist = 1;
                        defaultval = 161;
                }
		ATTR OPTION_EN "trap-v1-status" "enable/disable snmp v1 trap" 662 {
			defaultval = enable;
		}
		ATTR INT "trap-v1-lport" "snmp v1 trap local port" 663 {
                        VALIDATE RANGE 1:65535;
                        brieflist = 1;
                        defaultval = 162;
                }
		ATTR INT "trap-v1-rport" "snmp v1 trap remote port" 664 {
                        VALIDATE RANGE 1:65535;
                        brieflist = 1;
                        defaultval = 162;
                }
		ATTR OPTION_EN "trap-v2c-status" "enable/disable snmp v2c trap" 665 {
			defaultval = enable;
		}
		ATTR INT "trap-v2c-lport" "snmp v2c trap local port" 666 {
                        VALIDATE RANGE 1:65535;
                        brieflist = 1;
                        defaultval = 162;
                }
		ATTR INT "trap-v2c-rport" "snmp v2c trap remote port" 667 {
                        VALIDATE RANGE 1:65535;
                        brieflist = 1;
                        defaultval = 162;
                }
		ATTR OPTION "events" "SNMP Traps" 668 {
			multi_opt = 1;
			brieflist = 1;
			CHOICES {
				cpu-high == 0x00000001: SET::"CPU usage is high";
				mem-low == 0x00000002: SET::"Memory usage is high";
				log-full == 0x00000004: SET::"available log space is low";
				intf-ip == 0x00000008: SET::"interface IP address changed";
				sys-ha-hbfail == 0x00000010: SET::"HA heartbeat failed";
				sys-mode-change == 0x00000020: SET::"operation mode changed";
				policy-start == 0x00000040: SET::"Policy enabled";
				policy-stop == 0x00000080: SET::"Policy disabled";
				pserver-failed == 0x00000100: SET::"Physical/domain server offline";
				waf-amethod-attack == 0x00100000: SET::"Unallowed HTTP method detected";
				waf-signature-detection == 0x00080000: SET::"Attack detected by signatures";
				waf-url-access-attack == 0x00200000: SET::"Invalid URL access detected";
				waf-spage-attack == 0x00400000: SET::"Invalid start page detected";
				waf-pvalid-attack == 0x00800000: SET::"Invalid parameter detected";
				waf-blogin-attack == 0x04000000: SET::"Brute force login detected";
				#waf-robot-attack == 0x08000000: SET::"WAF robot control trap";
				waf-hidden-fields == 0x01000000: SET::"Invalid hidden field detected";
				waf-access-attack == 0x02000000: SET::"Invalid page order detected";
				netlink-up-status == 0x100000000: SET::"Network link up";
				netlink-down-status == 0x200000000: SET::"Network link down";
			}
		}		
	}
}

GLOBAL TABLE "system certificate ca" "ca certificate file" 890 {
	TABLENAME STRING "name" "certificate name" 891 {
		VALIDATE NO_XSS RELAXED;
		ATTR STRING "comment" "comment of this certificate" 892 {
		}
	}
}

GLOBAL TABLE "system certificate intermediate-certificate" "intermediate certificate file" 910 {
	TABLENAME STRING "name" "intermediate certificate name" 911 {
		VALIDATE NO_XSS RELAXED;
		ATTR STRING "comment" "comment of this certificate" 912 {
		}
	}
}

GLOBAL TABLE "system certificate intermediate-certificate-group" "intermediate certificate group" 920 {
	TABLENAME STRING "name" "name" 921 {
		VALIDATE NO_XSS RELAXED;
		TABLE "members" "members" 922 {
			TABLENAME INT "id" "id" 923{		
				ATTR DATASOURCE "name" "intermediate certificate file" 924 {
					datasource = "910";
				}
			}	
		}
	}
}

GLOBAL TABLE "user ntlm-user" "user ntlm-user" 1050 {
        TABLENAME STRING "name" "name" 1051 {
                VALIDATE NO_XSS RELAXED;
                brieflist =1;
                ATTR INT "port" "port" 1052 {
                        VALIDATE RANGE 1:65535;
                        brieflist = 1;
                        defaultval = 445;
                }
                ATTR IPADDR "server" "server" 1053 {
                        parseflag = "must";
                        defaultval = "0.0.0.0";
                        ipversion = 4;
                        subnet_type = host;
                        brieflist = 1;
                }
        }
}

GLOBAL TABLE "user user-group" "user group" 1060 {
	TABLENAME STRING "name" "name" 1061 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "auth-type" "auth type" 1062 {
			CHOICES {
				basic == 1;
				digest == 2;
				NTLM == 3;
			}
			defaultval = basic;
		}
		TABLE "members" "members" 1063 {
			parseflag = "movable";
			TABLENAME INT "<No.>" "The number of user group members" 1064 {
				ATTR OPTION "type" "type " 1065 {
					CHOICES {
						local == 1 ::: "local user";
						ldap == 2 ::: "LDAP user";
						radius == 3 ::: "RADIUS user";
						ntlm == 4 ::: "NTLM user";
					}
					defaultval = local;
					brieflist = 1;
				}
				ATTR DATASOURCE "local-name" "local user" 1066 {
					brieflist = 1;
					datasource = "1000";
					condition = 1065:eq:1;
				}
				ATTR DATASOURCE "ldap-name" "ldap user" 1067 {
                                        brieflist = 1;
                                        datasource = "1020";
					condition = 1065:eq:2;
                                }
				ATTR DATASOURCE "radius-name" "radius user" 1068 {
                                        brieflist = 1;
                                        datasource = "1040";
					condition = 1065:eq:3;
                                }
				ATTR DATASOURCE "ntlm-name" "ntlm user" 1069 {
                                        brieflist = 1;
                                        datasource = "1050";
					condition = 1065:eq:4;
                                }
			}
		}
	}
}

GLOBAL TABLE "router static" "static route configuration" 3000 {
	TABLENAME INT "<No.>" "The number of the route" 3001 {
		ATTR IPADDR_MASK "dst" "Destination(IPv4/IPv6) for this route" 3002 {
			#defaultval="0.0.0.0";
			brieflist = 1;
			subnet_type = network; # by default is network ip
		}
		ATTR IPADDR "gateway" "Gateway(IPv4/IPv6) for this route" 3003 {
			defaultval="0.0.0.0";
			brieflist = 1;
		}
		ATTR DATASOURCE "device" "Gateway out interface device" 3004 {
			datasource = "440";
		}
	}
}

GLOBAL COMPLEX "router setting" "route table setting" 3050 {
        ATTR OPTION_EN "ip-forward" "enable/disable ip v4 forward" 3051 {
                defaultval = disable;
                brieflist = 1;
        }
        ATTR OPTION_EN "ip6-forward" "enable/disable ip v6 forward" 3052 {
                defaultval = disable;
                brieflist = 1;
        }
}

DOMAIN TABLE "system default_rptlang" "default report language option" 210 {
        parseflag = "hidden";
        TABLENAME STRING "name" "name" 211 {
                VALIDATE NO_XSS RELAXED;
                brieflist = 1;
        }
}

GLOBAL TABLE "log custom-sensitive-rule" "log custom-sensitive-rule" 2010 {
	TABLENAME STRING "id" "id" 2011 {
		VALIDATE NO_XSS RELAXED;
		ATTR OPTION "type" "expression type" 2012 {
			CHOICES {
				general-mask-rule == 0;
				field-mask-rule == 1;
			}
			defaultval = general-mask-rule;
		}
		ATTR STRING "expression" "general expression" 2013 {
		}
		ATTR STRING "field-name" "field name expression" 2014 {
		}
		ATTR STRING "field-value" "field value expression" 2015 {
		}
	}
}

GLOBAL TABLE "log syslog-policy" "syslog policy" 2020 {
	TABLENAME STRING "name" "syslog policy name" 2021 {
		VALIDATE NO_XSS RELAXED;
		ATTR IPADDR "server" "server IP address" 2022 {
			defaultval = "0.0.0.0";
			ipversion = 4;
                        subnet_type = host;
			brieflist = 1;
		}
		ATTR INT "port" "server port" 2023 {
			defaultval = 514;
			VALIDATE RANGE 1:65535;
		}
		ATTR OPTION_EN "csv" "csv setting" 2024 {
			defaultval = disable;
		}
	}
}

GLOBAL COMPLEX "log attack-log" "attack log" 2120 {
	ATTR OPTION_EN "status" "enable/disable" 2121 {
		defaultval = enable;
	}
	ATTR OPTION "packet-log" "packet log setting" 2122 {
		multi_opt = 1;
		brieflist = 1;
		CHOICES {
			parameter-rule-failed == 1: SET;
			#bad-robot == 16: SET;
			allow-robot == 32: SET;
			hidden-fields-failed == 64: SET;
			custom-protection-rule == 256: SET;
			http-protocol-constraints == 1024: SET;
			signature-detection == 4096: SET;
			anti-virus-detection == 8192: SET;
			custom-access == 16384: SET;
			illegal-xml-format == 32768: SET;
			ip-intelligence == 65536: SET;
		}		
	}
	ATTR OPTION_EN "http-parse-error-output" "enable/disable" 2123 {
		brieflist = 1;
		defaultval = disable;
	} 
}

GLOBAL COMPLEX "log traffic-log" "traffic log" 2130 {
	ATTR OPTION_EN "status" "enable/disable" 2131 {
		defaultval = disable;
	}
	ATTR OPTION_EN "packet-log" "enable/disable" 2132 {
		defaultval = disable;
	} 
	ATTR OPTION_EN "disk-log" "enable/disable" 2133 {
		defaultval = disable;
	} 
}

GLOBAL COMPLEX "log disk" "log disk configuration" 2100 {
	ATTR OPTION_EN "status" "enable/disable " 2101 {
		defaultval = enable;
	}
	ATTR OPTION "severity" "log level " 2102 {
		brieflist = 1;
		CHOICES {
			emergency == 0;
			alert == 1;
			critical == 2;
			error == 3;
			warning == 4;
			notification == 5;
			information == 6;
			debug == 7;
		}
		defaultval = information;
	}
	ATTR OPTION "diskfull" "when disk is full How to deal" 2103 {
		brieflist = 1;
		CHOICES {
			nolog == 0;
			overwrite == 1;
		}
		defaultval = overwrite;
	}
	ATTR INT "max-log-file-size" "max log file" 2104 {
		VALIDATE RANGE 100:200;
		defaultval = 100;
	}
}

GLOBAL TABLE "log email-policy" "log email policy configuration" 2030 {
	TABLENAME STRING "name" "email policy name" 2031 {
		VALIDATE NO_XSS RELAXED;
		ATTR STRING "mailfrom" "mail address from" 2032 {
			VALIDATE EMAIL_ADDRESS RELAXED;
		}
		ATTR STRING "mailto1" "set destination email address 1" 2033 {
			VALIDATE EMAIL_ADDRESS RELAXED;
		}
		ATTR STRING "mailto2" "set destination email address 2" 2034 {
			VALIDATE EMAIL_ADDRESS RELAXED;
		}
		ATTR STRING "mailto3" "set destination email address 3" 2035 {
			VALIDATE EMAIL_ADDRESS RELAXED;
		}
		ATTR STRING "smtp-server" "smtp server" 2036 {
			VALIDATE URL RELAXED;
		}
		ATTR OPTION_EN "smtp-auth" "enable/disable smtp server" 2037 {
			defaultval = disable;
		}
		ATTR STRING "smtp-username" "smtp server" 2038 {
			VALIDATE NO_XSS RELAXED;
		}
		ATTR PASSWD "smtp-password" "smtp server" 2039 {
			VALIDATE NO_XSS RELAXED;
		}
		ATTR OPTION "severity" "log level " 2040 {
			brieflist = 1;
			CHOICES {
				emergency == 0;
				alert == 1;
				critical == 2;
				error == 3;
				warning == 4;
				notification == 5;
				information == 6;
				debug == 7;
			}
			defaultval = emergency;
		}
		ATTR INT "emergency-interval" "emergency interval" 2041 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 1;
		}
		ATTR INT "alert-interval" "alert interval" 2042 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 2;
		}
		ATTR INT "critical-interval" "critical interval" 2043 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 3;
		}
		ATTR INT "error-interval" "error interval" 2044 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 5;
		}
		ATTR INT "warning-interval" "warning interval" 2045 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 10;
		}
		ATTR INT "notification-interval" "notification interval" 2046 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 20;
		}
		ATTR INT "infomation-interval" "infomation interval" 2047 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 30;
		}
		ATTR INT "debug-interval" "debug interval" 2048 {
			VALIDATE RANGE 1:LONG_MAX;
			defaultval = 60;
		}
	}
}

GLOBAL COMPLEX "log alertmail" "alert mail configuration" 2160 {
        ATTR OPTION_EN "status" "enable/disable" 2161 {
                defaultval = disable;
        }
        ATTR DATASOURCE "email-policy" "email policy" 2162 {
                brieflist = 1;
                datasource = "2030";
        }
}

DOMAIN TABLE "waf allow-method-exceptions" "allow method exceptions configuration" 5550 {
	TABLENAME STRING "name" "allow method exceptions name" 5551 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "allow-method-exception-list" "allow method exception list" 5552 {
			TABLENAME INT "<No.>" "The number of the allow method exception " 5553 {
				ATTR STRING "host" "host address" 5554 {
					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
				}
				ATTR STRING "request-file" "request file " 5555 {
					brieflist = 1;
				}
				ATTR OPTION_EN "host-status" "host status " 5556 {
					brieflist = 1;
				}
				ATTR OPTION "request-type" "request type " 5557 {
					brieflist = 1;
					CHOICES {
						plain == 0;
						regular == 1;
					}
					defaultval = plain;
				}
				ATTR OPTION "allow-request" "allow request " 5558 {
					brieflist = 1;
					multi_opt = 1;
					CHOICES {
						get == 1:SET;
						post == 2:SET;
						head == 4:SET;
						options == 8:SET;
						trace == 16:SET;
						connect == 32:SET;
						delete == 64:SET;
						put == 128:SET;
						others == 2147483648:SET;
					}
				}
			}

		}
		ATTR INT "flag" "flag" 5559 {
			parseflag = "hidden,readonly";
		}
	}
}

GLOBAL TABLE "log fortianalyzer-policy" "log fortianalyzer-policy" 2080 {
	TABLENAME STRING "name" "name" 2081 {
		VALIDATE NO_XSS RELAXED;
		ATTR IPADDR "ip-address" "ip address" 2082 {
			ipversion = 4;
                        #subnet_type = host;
			brieflist = 1;
		}
	}
}

GLOBAL TABLE "log trigger-policy" "log trigger-policy" 2090 {
	TABLENAME STRING "name" "name" 2091 {
		VALIDATE NO_XSS RELAXED;
		ATTR DATASOURCE "email-policy" "Email Policy" 2092 {
			datasource = "2030";
			brieflist = 1;
		}
		ATTR DATASOURCE "syslog-policy" "Syslog Policy" 2093 {
			datasource = "2020";
			brieflist = 1;
		}
		ATTR DATASOURCE "analyzer-policy" "Fortianalyzer Policy" 2094 {
			datasource = "2080";
			brieflist = 1;
		}
	}
}

GLOBAL COMPLEX "log memory" "memory log" 2110 {
	ATTR OPTION_EN "status" "enable/disable" 2111 {
		defaultval = enable;
	}
	ATTR OPTION "severity" "" 2112 {
		CHOICES {
			emergency == 0;
			alert == 1;
			critical == 2;
			error == 3;
			warning == 4;
			notification == 5;
			information == 6;
			debug == 7;
		}
		defaultval = information;
	} 
}

GLOBAL COMPLEX "log event-log" "Event LOG" 2140 {
	ATTR OPTION_EN "status" "enable/disable" 2141 {
		defaultval = enable;
	}
	ATTR OPTION "threshold" "" 2142 {		
		CHOICES {
			50% == 50;
			60% == 60;
			70% == 70;
			80% == 80;
			90% == 90;
		}
		defaultval = 50%;
	} 
	ATTR INT "cpu-high" "cpu usage alert threshold (60-99)" 2143 {
		VALIDATE RANGE 60:99;
		defaultval = 60;
	}
	ATTR INT "mem-high" "mem usage alert threshold (60-99)" 2144 {
		VALIDATE RANGE 60:99;
		defaultval = 60;
	}
	ATTR DATASOURCE "trigger-policy" "Trigger Policy" 2145 {
		datasource = "2090";
		brieflist = 1;
	}
}

GLOBAL COMPLEX "log forti-analyzer" "log analyzer" 2170 {
	ATTR OPTION_EN "status" "enable/disable" 2171 {
		defaultval = disable;
	}
	ATTR OPTION "severity" "log level " 2172 {
		brieflist = 1;
		CHOICES {
			emergency == 0;
			alert == 1;
			critical == 2;
			error == 3;
			warning == 4;
			notification == 5;
			information == 6;
			debug == 7;
		}
		defaultval = information;
	}
	ATTR DATASOURCE "fortianalyzer-policy" "Fortianalyzer Policy" 2173 {
		datasource = "2080";
		brieflist = 1;
	}
}

DOMAIN TABLE "server-policy dserver" "domain server" 4020 {
	TABLENAME STRING "name" "domain server name" 4021 {
		VALIDATE NO_XSS RELAXED;		
		ATTR STRING "domain" "server domain" 4022 {
				VALIDATE ISDOMAIN RELAXED;
                                brieflist = 1;
				parseflag = "must";
                }
		ATTR OPTION_EN "status" "enable/disable" 4023 {
				defaultval = enable;
		}
		ATTR OPTION "type" "ip address type" 4024 {
				brieflist = 1;
				CHOICES {
					IPv4 == 2;
					IPv6 == 10;
				}
				defaultval = IPv4;
		}
	}
}

DOMAIN TABLE "server-policy service custom" "custom" 4030 {
	TABLENAME STRING "name" "service name" 4031 {
		VALIDATE NO_XSS RELAXED;		
		ATTR INT "port" "service port <1, 65535>" 4032 {
			VALIDATE RANGE 1:65535;
			parseflag = "must";
			brieflist = 1;
		}
		ATTR OPTION "protocol" "protocol" 4033 {
				CHOICES {
					TCP == 1 ::: "tcp protocol";
				}
				brieflist = 1;
				defaultval = TCP;
			}
	}
}

DOMAIN TABLE "server-policy service predefined" "predefined" 4040 {
	TABLENAME STRING "name" "service name" 4041 {
		VALIDATE NO_XSS RELAXED;		
		ATTR INT "port" "service port <1, 65535>" 4042 {
			VALIDATE RANGE 1:65535;
			brieflist = 1;
			defaultval = 80;
		}
		ATTR OPTION "protocol" "protocol" 4043 {
				CHOICES {
					TCP == 1 ::: "tcp protocol";
					UDP == 2 ::: "udp protocol";
				}
				brieflist = 1;
				defaultval = TCP;
			}
	}
}

DOMAIN TABLE "server-policy pattern custom-data-type" "custom data type" 4080 {
	TABLENAME STRING "name" "name" 4081 {
		VALIDATE NO_XSS RELAXED;
		ATTR STRING "expression" "expression" 4082 {
			parseflag = "must";
		}
	}
}

DOMAIN TABLE "server-policy pattern data-type-group" "data type group" 4090 {
	TABLENAME STRING "name" "name" 4091 {
		VALIDATE NO_XSS RELAXED;
		TABLE "type-list" "type list" 4092 {
			TABLENAME INT "id" "id" 4093 {
				ATTR OPTION "data-type" "data type" 4094{
					}
			}			
		}
		ATTR INT "flag" "flag" 4095 {
			parseflag = "hidden";
		}
	}
}

DOMAIN TABLE "server-policy custom-application url-replacer" "url replacer" 4160 {
	TABLENAME STRING "name" "name" 4161 {
		VALIDATE NO_XSS RELAXED;
		ATTR OPTION "type" "plugin type" 4162{
			CHOICES {
				pre-defined == 1 ::: "pre-defined application type";
				custom-defined == 2 ::: "custom-defined application type";
			}
			defaultval = pre-defined;			
		}
		ATTR OPTION "app-type" "application type" 4163{
			CHOICES {
				jsp == 1 ::: "JSP application";
				owa-2003 == 2 ::: "OWA application";
			}
			defaultval = jsp;	
			condition = 4162:eq:1;		
		}
		ATTR STRING "url" "original URL" 4164 {
			brieflist = 1;
			condition = 4162:eq:2;	
			parseflag = "must";
		}
		ATTR STRING "new-url" "new URL" 4165 {
			VALIDATE NO_XSS RELAXED;			
			brieflist = 1;
			condition = 4162:eq:2;	
			parseflag = "must";
			
		}
		ATTR STRING "param" "new parameter value" 4166 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
			condition = 4162:eq:2;	
		}
		ATTR STRING "new-param" "new parameter name" 4167 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
			condition = 4162:eq:2;	
		}
	}
}

DOMAIN TABLE "server-policy custom-application application-policy" "application policy" 4180 {
	TABLENAME STRING "name" "name" 4181 {
		VALIDATE NO_XSS RELAXED;
                TABLE "rule-list" "rule list" 4182 {
			parseflag = "movable";
                        TABLENAME INT "id" "id" 4183 {
			ATTR OPTION "type" "type" 4185 {
				CHOICES {
					URL_Replacer == 1 ::: "url replacer";
				}
				brieflist = 1;
				defaultval = URL_Replacer;				
			}
			ATTR DATASOURCE "plugin-name" "plugin name" 4186 {
					brieflist = 1;
					datasource = "4160";
					parseflag = "must";
			}
		}
	}
}

DOMAIN TABLE "waf url-access url-access-rule" "waf url access rule" 5590 {
	TABLENAME STRING "name" "name" 5591 {		
		VALIDATE NO_XSS RELAXED;
		ATTR OPTION_EN "host-status" "enable/disable" 5592 {
			defaultval = disable;
		}
		ATTR STRING "host" "host" 5593 {
			VALIDATE NO_XSS RELAXED;
		}
		ATTR OPTION "action" "action" 5594 {
			CHOICES {
				pass == 1 ::: "pass";
				alert_deny == 2 ::: "alert_deny";
				continue == 3 ::: "continue";
			}
			defaultval = pass;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 5595 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
			condition = 5594:eq:2;
		}
		ATTR DATASOURCE "trigger" "trigger" 5596 {
			datasource = "2090";
			condition = 5594:eq:2;
		}
		TABLE "match-condition" "match condition" 5597 {
			TABLENAME INT "id" "id" 5598 {
				ATTR STRING "reg-exp" "regular-express" 5599 {
					parseflag = "must";
				}
				ATTR OPTION "type" "type" 5600 {
					CHOICES {
						simple-string == 1 ::: "simple-string";
						regex-expression == 2 ::: "regex-expression";
					}
					defaultval = simple-string;
				}
				ATTR OPTION "reverse-match" "reverse-match" 5601 {
					CHOICES {
						yes == 1 ::: "unmatch this condition";
						no == 0 ::: "match this condition";
					}
					defaultval = no;
				}
				ATTR OPTION_EN "sip-address-check" "sip-address-check" 5602 {
					CHOICES {
						disable == 0 ::: "sip address check disable";
						enable == 1 ::: "sip address check enable";
					}
					defaultval = disable;
				}
				ATTR OPTION "sip-address-type" "sip-address-type" 5603 {
					CHOICES {
						sip == 0 ::: "sip";
						sdomain == 1 ::: "sdomain";
					}
					defaultval = sip;
					condition = 5602:eq:1;
				}
				ATTR IPADDR "sip-address-value" "source ip address value" 5604 {
					condition = 5603:eq:0;
					condition = 5602:eq:1;
				}
				ATTR STRING "sip-address-domain" "source ip address domain" 5605 {
					condition = 5602:eq:1;
					condition = 5603:eq:1;
				}
				ATTR OPTION "sdomain-type" "sdomain-type" 5606 {
					CHOICES {
						ipv4 == 2 ::: "IPv4";
						ipv6 == 10 ::: "IPv6";
					}
					defaultval = ipv4;
					condition = 5602:eq:1;
				}
			}
		}
	}
}

DOMAIN TABLE "waf url-access url-access-policy" "waf url access policy" 5640 {
	TABLENAME STRING "name" "name" 5641 {		
		VALIDATE NO_XSS RELAXED;
		TABLE "rule" "rules" 5642 {
			parseflag = "movable";
			TABLENAME INT "id" "id" 5643 {
				ATTR DATASOURCE "url-access-rule-name" "url-access-rule-name" 5645 {
					datasource = "5590";
				}
			}
		}
	}
}

DOMAIN TABLE "waf exclude-url" "waf exclude url" 5000 {
	TABLENAME STRING "name" "name" 5001 {
		VALIDATE NO_XSS RELAXED;
		parseflag = "keeporder";
		TABLE "exclude-rules" "exclude url rule list" 5002 {
			TABLENAME INT "id" "id" 5003 {
				ATTR STRING "host" "host" 5004 {
					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
					parseflag = "keeporder";
				}
				ATTR OPTION_EN "host-status" "host status" 5005 {
					brieflist = 1;
					parseflag = "keeporder";
					defaultval = disable;
				}
				ATTR STRING "request-file" "request file" 5006 {
					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
					parseflag = "keeporder";
				}
			}
		}
	}
}

DOMAIN TABLE "waf file-uncompress-rule" "waf file uncompress rule" 5020 {
	TABLENAME STRING "name" "name" 5021 {
		VALIDATE NO_XSS RELAXED;
		ATTR DATASOURCE "exclude-url" "exclude url" 5022 {
			brieflist = 1;
			datasource = "5000";
		}
		TABLE "content-types" "content types list" 5023 {
			TABLENAME INT "id" "id" 5024 {
				ATTR OPTION "content-type" "content type" 5025{
					CHOICES {
						text/plain == 7 ::: "text/plain";
						text/html == 5 ::: "text/html";
						application/xml(or)text/xml == 3 ::: "application/xml or text/xml";
						application/soap+xml == 2 ::: "application/soap+xml";
						application/x-javascript == 10 ::: "application/x-javascript";
						text/css == 9 ::: "text/css";
						application/javascript == 12 ::: "application/javascript";
						text/javascript == 13 ::: "text/javascript";
					}
					brieflist = 1;
				}
			}
		}
	}
}

DOMAIN TABLE "waf file-compress-rule" "waf file compress rule" 5040 {
        TABLENAME STRING "name" "name" 5041 {
                VALIDATE NO_XSS RELAXED;
                ATTR DATASOURCE "exclude-url" "exclude url" 5042 {
                        brieflist = 1;
                        datasource = "5000";
                }
                TABLE "content-types" "content types list" 5043 {
                        TABLENAME INT "id" "id" 5044 {
                                ATTR OPTION "content-type" "content type" 5045{
                                        CHOICES {
                                                text/plain == 7 ::: "text/plain";
                                                text/html == 5 ::: "text/html";
                                                application/xml(or)text/xml == 3 ::: "application/xml or text/xml";
                                                application/soap+xml == 2 ::: "application/soap+xml";
                                                application/x-javascript == 10 ::: "application/x-javascript";
                                                text/css == 9 ::: "text/css";
                                                application/javascript == 12 ::: "application/javascript";
                                                text/javascript == 13 ::: "text/javascript";
                                        }
                                        brieflist = 1;
                                }
			}
		}
	}
}

DOMAIN TABLE "waf http-request-flood-prevention-rule" "http request flood prevention rule" 5100 {
	TABLENAME STRING "name" "name" 5101 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR INT "access-limit-in-http-session" "access-limit-in-http-session(0~4096)" 5102 {
			VALIDATE RANGE 0:4096;
		}
		ATTR OPTION "action" "action" 5103 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block period";
			}
			defaultval = alert;
		}
		ATTR INT "block-period" "action block period(1-10000)" 5104 {
			VALIDATE RANGE 1:10000;
			defaultval = 60;
			condition = 5103:eq:11;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 5105 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = High;	
		}
		ATTR DATASOURCE "trigger-policy" "trigger-policy" 5106 {
			datasource = "2090";
		}
		ATTR OPTION_EN "real-browser-enforcement" "real browser enforcement" 5107 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR INT "validation-timeout" "validation timeout" 5108 {
			brieflist = 1;
			defaultval = 20;
			VALIDATE RANGE 5:30;
		}
	}
}

DOMAIN TABLE "waf http-connection-flood-check-rule" "http connection flood check rule" 5120 {
	TABLENAME STRING "name" "name" 5121 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR INT "http-connection-threshold" "http-connection-threshold(1~1024)" 5122 {
			VALIDATE RANGE 1:1024;
			defaultval = 1;
		}
		ATTR OPTION "action" "action" 5123 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block period";
			}
			defaultval = alert;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 5124 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "trigger-policy" "trigger-policy" 5125 {
			datasource = "2090";
		}
		ATTR INT "block-period" "action block period(1~3600)" 5126 {
			brieflist = 1;
			defaultval = 60;
			VALIDATE RANGE 1:3600;
                        condition = 5123:eq:11;
		}
	}
}

DOMAIN TABLE "waf layer4-access-limit-rule" "layer4 access limit rule" 5140 {
	TABLENAME STRING "name" "name" 5141 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR INT "access-limit-standalone-ip" "access-limit-standalone-ip(0~65536)" 5142 {
			VALIDATE RANGE 0:65536;
		}
		ATTR INT "access-limit-share-ip" "access-limit-share-ip(0~65536)" 5143 {
			VALIDATE RANGE 0:65536;
		}
		ATTR OPTION "action" "action" 5144 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block period";
			}
			defaultval = alert;
		}
		ATTR INT "block-period" "action block period(1-10000)" 5145 {
			VALIDATE RANGE 1:10000;
			defaultval = 60;
			condition = 5144:eq:11;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 5146 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "trigger-policy" "trigger-policy" 5147 {
			datasource = "2090";
		}
		ATTR OPTION_EN "real-browser-enforcement" "real browser enforcement" 5148 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR INT "validation-timeout" "validation timeout" 5149 {
			brieflist = 1;
			defaultval = 20;
			VALIDATE RANGE 5:30;
		}
	}
}

DOMAIN TABLE "waf geo-block-list" "geo block list" 5200 {
        TABLENAME STRING "name" "name" 5201 {
		VALIDATE NO_XSS RELAXED;
		ATTR OPTION "severity" "severity" 5202 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;				
		}
		ATTR DATASOURCE "trigger" "trigger" 5203 {
			brieflist = 1;
			datasource = "2090";
		}
                TABLE "country-list" "country list" 5204 {
                        TABLENAME INT "id" "id" 5205 {
			ATTR STRING "country-name" "country name" 5206 {
                                brieflist = 1;
                        }
		}
	}
}

DOMAIN TABLE "waf ip-list" "ip list policy" 5220 {
        TABLENAME STRING "name" "name" 5221 {
		VALIDATE NO_XSS RELAXED;
                TABLE "members" "members" 5222 {
                        TABLENAME INT "id" "id" 5223 {
			ATTR OPTION "type" "type" 5224 {
				CHOICES {
					trust-ip == 0 ::: "trust ip";
					black-ip == 1 ::: "black ip";
				}
				brieflist = 1;
				defaultval = trust-ip;				
			}
			ATTR IPADDR "ip" "ip" 5225 {
				#ipversion = 4;
		                #subnet_type = host;
				brieflist = 1;
				parseflag = "must";
			}
			ATTR OPTION "severity" "severity" 5226 {
				CHOICES {
					High == 1 ::: "High";
					Medium == 2 ::: "Medium";
					Low == 3 ::: "Low";
				}
				brieflist = 1;
				defaultval = Low;	
				condition = 5224:eq:1;			
			}
			ATTR DATASOURCE "trigger-policy" "trigger policy" 5227 {
				brieflist = 1;
				datasource = "2090";
				condition = 5224:eq:1;	
			}
		}
	}
}

DOMAIN TABLE "waf http-authen http-authen-rule" "http authentication rule" 5240 {
	TABLENAME STRING "name" "name" 5241 {
		VALIDATE NO_XSS RELAXED;
		ATTR STRING "host" "host" 5242 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR OPTION_EN "host-status" "host status" 5243 {
			defaultval = disable;
			brieflist = 1;
		}
		TABLE "rule" "rules" 5244 {
			TABLENAME INT "id" "id" 5245 {
				ATTR OPTION "authen-type" "authentication type" 5246 {
					CHOICES {
						basic == 1;
						digest == 2;
						ntlm == 3;
					}
					defaultval = basic;
					brieflist = 1;
				}
				ATTR STRING "user-realm" "user realm" 5247 {
#					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
				}
				ATTR DATASOURCE "user-group" "user group" 5248 {
					datasource = "1060";
					brieflist = 1;
				}
				ATTR STRING "request-url" "request URL" 5249 {
					brieflist = 1;
				}
			}
		}
	}
} 

DOMAIN TABLE "waf http-authen http-authen-policy" "http authentication policy" 5260 {
	TABLENAME STRING "name" "name" 5261 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "rule" "rules" 5262 {
			TABLENAME INT "id" "id" 5263 {
				ATTR DATASOURCE "http-authen-rule" "http authentication rule" 5264 {
					brieflist = 1;
					datasource = "5240";
					parseflag = "must";
				}
			}
		}
		ATTR OPTION_EN "cache" "LDAP cache" 5265 {
			defaultval = enable;
			brieflist = 1;
		}
		ATTR INT "cache-timeout" "cache timeout, default 300 [0 3600]" 5266 {
			defaultval = 300;
			VALIDATE RANGE 0:3600;
			brieflist = 1;
			condition = 5265:eq:1; 
		}
		ATTR OPTION "alert-type" "alert type" 5267 {
			CHOICES {
				none == 0 ::: "none";
				fail == 1 ::: "failed only";
				success == 2 ::: "successful only";
				all == 3 ::: "all";
			}
			defaultval = none;
			brieflist = 1;
		}
		ATTR INT "auth-timeout" "auth timeout, default 2000" 5268 {
			defaultval = 2000;
			VALIDATE RANGE 1:60000;
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "waf hidden-fields-rule" "waf hidden field rule" 5390 {
	TABLENAME STRING "name" "name" 5391 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR STRING "host" "host" 5392 {
			VALIDATE NO_XSS RELAXED;
		}
		TABLE "hidden-field-name" "rule list" 5393 {
			TABLENAME INT "id" "id" 5394 {
				ATTR STRING "argument" "argument" 5395 {
					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
					parseflag = "must";
				}
			}
		}
		ATTR OPTION "action" "action" 5396 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				redirect == 3 ::: "redirect connection";
				block_period == 11 ::: "block period";
				send_403_forbidden == 10 ::: "send HTTP 403 access forbidden";
			}
			defaultval = alert;
		}
		ATTR INT "block_period" "action block period(1-3600)" 5397 {
			VALIDATE RANGE 1:3600;
			defaultval = 60;
			condition = 5396:eq:11;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 5398 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = High;	
		}
		ATTR DATASOURCE "trigger" "trigger" 5399 {
			datasource = "2090";
		}
		ATTR STRING "request-file" "request file" 5400 {
			VALIDATE REGEX "^/";
			parseflag = "must";
			brieflist = 1;
		}
		ATTR STRING "action-url0" "action url0" 5401 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url1" "action url1" 5402 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url2" "action url2" 5403 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url3" "action url3" 5404 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url4" "action url4" 5405 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url5" "action url5" 5406 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url6" "action url6" 5407 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url7" "action url7" 5408 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url8" "action url8" 5409 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
		ATTR STRING "action-url9" "action url9" 5410 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
                ATTR OPTION_EN "host-status" "host status" 5411 {
                        defaultval = disable;
			brieflist = 1;
                }
                ATTR INT "flag" "flag operation" 5412 {
                        parseflag = "hidden,readonly";
                }
	}
}

DOMAIN TABLE "waf hidden-fields-protection" "waf hidden field protection" 5440 {
	TABLENAME STRING "name" "name" 5441 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "hidden_fields_list" "hidden fields list" 5442 {
			TABLENAME INT "id" "id" 5443 {
				ATTR DATASOURCE "hidden-field-rule" "hidden field rule" 5444 {
					datasource = "5390";
					parseflag = "must";
				}
			}
		}
                ATTR INT "flag" "flag operation" 5445 {
                        parseflag = "hidden,readonly";
                }
	}
}

DOMAIN TABLE "waf page-access-rule" "page access rule" 5460 {
	TABLENAME STRING "name" "name" 5461 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "page-severity" "High, Medium or Low" 5462 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;				
		}
		ATTR DATASOURCE "page-trigger" "choose Email or syslog policy" 5463 {
			datasource = "2090";
			brieflist = 1;
		}
		TABLE "page-access-list" "page access list" 5464 {
			parseflag = "movable";
			TABLENAME INT "<No.>" "The number of the page access list " 5465 {
				ATTR STRING "host" "host address" 5466 {
					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
				}
				ATTR OPTION_EN "host-status" "host status " 5467 {
					brieflist = 1;
				}
				ATTR STRING "request-file" "request file " 5468 {
					parseflag = "must";
					brieflist = 1;
				}
				ATTR OPTION "request-type" "request type " 5469 {
					brieflist = 1;
					CHOICES {
						plain == 0;
						regular == 1;
					}
					defaultval = plain;
				}
			}
		}
		ATTR INT "flag" "flag" 5470 {
			brieflist = 1;
			parseflag = "hidden,readonly";
		}
	}
}

DOMAIN TABLE "waf url-rewrite url-rewrite-rule" "url rewriting rule" 5480 {
	TABLENAME STRING "name" "name" 5481 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION_EN "host-status" "host status" 5482 {
			brieflist = 1;
			defaultval = disable;
		}
		ATTR OPTION_EN "host-use-pserver" "" 5483 {
			brieflist = 1;
			defaultval = disable;
		}
		ATTR STRING "host" "host" 5484 {
			#VALIDATE HOSTNAME RELAXED;
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR OPTION_EN "url-status" "URL status" 5485 {
			brieflist = 1;
			defaultval = disable;
		}
		ATTR STRING "url" "URL" 5486 {
			#VALIDATE URL RELAXED;
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR STRING "location" "location" 5487 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR OPTION_EN "referer-status" "" 5488 {
			brieflist = 1;
			defaultval = disable;
		}
		ATTR OPTION_EN "referer-use-pserver" "" 5489 {
			brieflist = 1;
			defaultval = disable;
		}
		ATTR STRING "referer" "referer" 5490 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR STRING "body_replace" "body replacement" 5491 {
			brieflist = 1;
		}
		ATTR STRING "location_replace" "location replacement" 5492 {
			brieflist = 1;
		}
		ATTR OPTION "action" "action" 5493 {
			CHOICES {
				http-header-rewrite == 5 ::: "http-header-rewrite";
				redirect-301 == 8 ::: "redirect 301";
				redirect == 3 ::: "redirect";
				403-forbidden == 4 ::: "403 forbidden";
				http-body-rewrite == 6 ::: "http-body-rewrite";
				location-rewrite == 7 ::: "location-rewrite";
			}
			brieflist = 1;
			defaultval = http-header-rewrite;
		}
		ATTR INT "flag_operation" "flag" 5494 {
			brieflist = 1;
			parseflag = "hidden,readonly";
		}
		TABLE "match-condition" "match condition" 5495 {
			TABLENAME INT "id" "id" 5496 {
				ATTR OPTION "object" "object type" 5497 {
					CHOICES {
						http-host == 1;
						http-url == 2;
						http-reference == 3;
						http-body == 4;
						http-location == 5;
					}
					brieflist = 1;
					defaultval = http-host;
					parseflag = "keeporder";
				}
				ATTR STRING "reg-exp" "regular expression" 5498 {
					brieflist = 1;
					parseflag = "keeporder";
				}
				ATTR OPTION "is-essential" "is-essential: yes/no" 5499 {
					CHOICES {
						yes == 1 ::: "is essential";
						no == 0 ::: "is not essential";
					}
					condition = 5497:eq:3;
					defaultval = yes;
					brieflist = 1;
					parseflag = "keeporder";
				}
				ATTR OPTION "reverse-match" "reverse-match: yse/no" 5500 {
					CHOICES {
						yes == 1 ::: "unmatch this condition";
						no == 0 ::: "match this condition";
					}
					defaultval = no;
					brieflist = 1;
					parseflag = "keeporder";
				}
				ATTR OPTION_EN "protocol-filter" "protocol-filter: enable/disable" 5501 {
					brieflist = 1;
					defaultval = disable;
					parseflag = "keeporder";
				}
				ATTR OPTION "HTTP-protocol" "HTTP-protocol: HTTP/HTTPS" 5502 {
					CHOICES {
						http == 1;
						https == 2;
					}
					brieflist = 1;
					defaultval = http;
					parseflag = "keeporder";
				}
				ATTR OPTION_EN "content-type-filter" "content type filter: enable/disable" 5503 {
					brieflist = 1;
					defaultval = disable;
					parseflag = "keeporder";
				}
				ATTR OPTION "content-type-set" "content type set" 5504 {
					multi_opt = 1;
					CHOICES {
						text/html == 1 :SET;
						text/plain == 2 :SET;
						text/javascript == 4 :SET;
						application/xml(or)text/xml == 8 :SET;
						application/javascript == 16 :SET;
						application/soap+xml == 32 :SET;
						application/x-javascript == 64 : SET;
					}
					brieflist = 1;
					parseflag = "keeporder";
				}
			}
		}
	}
}

DOMAIN TABLE "waf url-rewrite url-rewrite-policy" "URL rewriting policy" 5530 {
	TABLENAME STRING "name" "name" 5531 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "rule" "rules" 5532 {
			parseflag = "movable,keeporder";
			TABLENAME INT "id" "id" 5533 {								
				ATTR DATASOURCE "url-rewrite-rule-name" "url rewrite rule name" 5535 {
					brieflist = 1;
					datasource = "5480";
					parseflag = "must";
				}
			}
		}
	}
}

DOMAIN TABLE "waf allow-method-policy" "allow method policy" 5570 {
	TABLENAME STRING "name" "name" 5571 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "allow-method" "allow request method" 5572 {
			multi_opt = 1;
			brieflist = 1;
			CHOICES {
				get 	== 1: SET;
				post 	== 2: SET;
				head 	== 4: SET;
				options == 8: SET;
				trace 	== 16: SET;
				connect == 32: SET;
				delete 	== 64: SET;
				put 	== 128: SET;
				others 	== 2147483648: SET;
			}
			#parseflag = "must";
		}
		ATTR OPTION "severity" "severity" 5573 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = High;				
		}
		ATTR DATASOURCE "triggered-action" "choose Email or syslog policy" 5574 {
			datasource = "2090";
			brieflist = 1;
		}
		ATTR DATASOURCE "allow-method-exception" "allow method exception" 5575 {
			datasource = "5550";
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "waf http-constraints-exceptions" "http protocol parameter constraints exceptions" 5860 {
        TABLENAME STRING "name" "http constrains exception name" 5861 {
		VALIDATE NO_XSS RELAXED;
                TABLE "http_constraints-exception-list" "exception list" 5862 {
                        TABLENAME INT "id" "id" 5863 {
                        ATTR STRING "host" "host" 5864 {
				VALIDATE NO_XSS RELAXED;
                                brieflist = 1;
                        }
			ATTR STRING "request-file" "request file" 5865 {
				parseflag = "must";
				brieflist = 1;
			}
			ATTR OPTION "request-type" "request type" 5866 {
				CHOICES {
					plain == 0;
					regular == 1;
				}
				brieflist = 1;
				defaultval = plain;
			}
                        ATTR OPTION_EN "host-status" "host status" 5867 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-http-header-length" "" 5868 {
				defaultval = disable;
				brieflist = 1;
			}
			ATTR OPTION_EN "max-http-content-length" "" 5869 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-http-body-length" "" 5870 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-http-parameter-length" "" 5871 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-http-header-line-length" "" 5872 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-http-request-length" "" 5873 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-url-parameter-length" "" 5874 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-cookie-in-request" "" 5875 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-header-line-request" "" 5876 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "Illegal-http-request-method-check" "" 5877 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "max-url-parameter" "" 5878 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "Illegal-host-name-check" "" 5879 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "number-of-ranges-in-range-header" "" 5880 {
                                defaultval = disable;
				brieflist = 1;
                        }
			ATTR OPTION_EN "block-malformed-request" "" 5881 {
                                defaultval = disable;
				brieflist = 1;
                        }
                        }
                }
                ATTR INT "flag" "flag operation" 5882 {
                        parseflag = "hidden,readonly";
                }
        }
}

DOMAIN TABLE "waf start-pages" "start pages" 6140 {
	TABLENAME STRING "name" "name" 6141 {
        VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "start-page-list" "start page list" 6142 {
			TABLENAME INT "<No.>" "The number of the page access list " 6143 {
				ATTR STRING "host" "host address" 6144 {
					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
				}
				ATTR OPTION_EN "host-status" "host status " 6145 {
					brieflist = 1;
					defaultval = disable;
				}
				ATTR STRING "request-file" "request file " 6146 {
					parseflag = "must";
					brieflist = 1;
				}
				ATTR OPTION "request-type" "request type " 6147 {
					brieflist = 1;
					CHOICES {
						plain == 0;
						regular == 1;
					}
					defaultval = plain;
				}
				ATTR OPTION "default" "default:yes/no" 6148 {
					CHOICES {
						no == 0 ::: "no"; 
						yes == 1 ::: "yes";
					}
					defaultval = no;
				}
			}
		}
		ATTR OPTION "action" "action" 6149 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				redirect == 3 ::: "redirect connection";
				block-period == 11 ::: "block period";
				send_403_forbidden == 10 ::: "send HTTP 403 access forbidden";
			}
			defaultval = alert;
		}
		ATTR INT "block-period" "action block period(1-3600)" 6150 {
			VALIDATE RANGE 1:3600;
			defaultval = 60;
			condition = 6149:eq:11;
		}
		ATTR OPTION "severity" "High, Medium or Low" 6151 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;				
		}
		ATTR DATASOURCE "trigger" "choose Email or syslog policy" 6152 {
			datasource = "2090";
			brieflist = 1;
		}
		ATTR INT "flag" "flag" 6153 {
			brieflist = 1;
			parseflag = "hidden,readonly";
		}
	}
}

DOMAIN TABLE "waf file-upload-restriction-rule" "file upload restriction rule" 6200 {
	TABLENAME STRING "name" "name" 6201 {		
		VALIDATE NO_XSS RELAXED;
		ATTR OPTION_EN "host-status" "enable/disable" 6202 {
			defaultval = disable;
		}
		ATTR STRING "host" "host" 6203 {
			VALIDATE NO_XSS RELAXED;
		}
		ATTR OPTION "request-type" "simple string or regular expression" 6204 {
			CHOICES {
				plain == 0;
				regular == 1;
			}
			brieflist = 1;
			defaultval = plain;
		}
		ATTR STRING "request-file" "URL" 6205 {
			parseflag = "must";
		}
		ATTR INT "file-size-limit" "file upload limit (0-5120)(KBytes)" 6206 {
			VALIDATE RANGE 0:5120;
		}
		ATTR INT "flag" "flag" 6207 {
			parseflag = "hidden,readonly";
		}		
		TABLE "file-types" "file types" 6208 {
			TABLENAME INT "id" "id" 6209 {
			ATTR STRING "file-type-name" "file-type-name" 6210 {
				#VALIDATE NO_XSS RELAXED;
			}
			ATTR STRING "file-type-id" "file-type-id" 6211 {
			}
		}
	}
}

DOMAIN TABLE "waf input-rule" "waf input rule" 5320 {
	TABLENAME STRING "name" "name" 5321 {		
		VALIDATE NO_XSS RELAXED;
		ATTR STRING "host" "host" 5322 {
			VALIDATE NO_XSS RELAXED;
		}
		ATTR OPTION "action" "action" 5323 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				redirect == 3 ::: "redirect connection";
				block-period == 11 ::: "block period";
				send_403_forbidden == 10 ::: "send HTTP 403 access forbidden";
			}
			defaultval = alert;
		}
		ATTR INT "block-period" "action block period(1-3600)" 5324 {
			VALIDATE RANGE 1:3600;
			defaultval = 60;
			condition = 5323:eq:11;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 5325 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "trigger" "trigger" 5326 {
			datasource = "2090";
		}
		ATTR OPTION "request-type" "simple string or regular expression" 5327 {
			CHOICES {
				plain == 0;
				regular == 1;
			}
			brieflist = 1;
			defaultval = plain;
		}
		ATTR STRING "request-file" "request file" 5328 {
			parseflag = "must";
		}
		ATTR OPTION_EN "host-status" "enable/disable" 5329 {
			defaultval = disable;
		}
		ATTR INT "flag" "flag" 5330 {
			parseflag = "hidden,readonly";
		}		
		TABLE "rule-list" "rule list" 5331 {
			parseflag = "keeporder";
			TABLENAME INT "id" "id" 5332 {
				ATTR OPTION "argument-type" "argument-type" 5333 {
					CHOICES {
						data-type == 0 ::: "Data Type";
						regular-expression == 1 ::: "Regular Expression";
						custom-data-type == 2 ::: "Custom Data Type";
					}
					defaultval = data-type;
				}
				ATTR OPTION_EN "type-checked" "type_checked:enable/disable" 5334 {
					defaultval = disable;
				}
				ATTR STRING "argument-name" "argument-name" 5335 {
					parseflag = "must";
				}
				ATTR STRING "argument-expression" "argument-expression" 5336 {
					condition = 5333:eq:1;
				}
				ATTR INT "max-length" "max-length" 5337 {
					VALIDATE RANGE 0:1024;
				}
				ATTR OPTION "is-essential" "is-essential:yes/no" 5338 {
					CHOICES {
						no == 0 ::: "is not essential"; 
						yes == 1 ::: "is essential";
					}
					defaultval = no;
				}
				ATTR OPTION "data-type" "data-type" 5339 {
					CHOICES {
						
					}
					condition = 5333:eq:0;
				}
				ATTR DATASOURCE "custom-data-type" "custom data type name" 5340 {
					datasource = "4080";
					condition = 5333:eq:2;
				}
			}
		}
	}
}
DOMAIN TABLE "waf parameter-validation-rule" "waf parameter validation rule" 5370 {
	TABLENAME STRING "name" "name" 5371 {		
		VALIDATE NO_XSS RELAXED;
		TABLE "input-rule-list" "input rule list" 5372 {
			TABLENAME INT "id" "id" 5373 {
				ATTR DATASOURCE "input-rule" "input rule" 5374 {
					datasource = "5320";
					parseflag = "must";
				}
			}
		}
		ATTR INT "flag" "flag" 5375 {
			parseflag = "hidden,readonly";
		}		
	}
}

DOMAIN TABLE "waf base-signature-disable" "waf base disable signature" 5960 {
	TABLENAME STRING "signature_id" "signature id" 5961 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
	}
}

DOMAIN TABLE "waf custom-protection-rule" "waf custom data type" 5980 {
	TABLENAME STRING "name" "custom protection rule name" 5981 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "custom protection rule type" 5982 {
			CHOICES {
				request == 0;
				response == 1;
			}
			defaultval = request;
			brieflist = 1;
		}
		ATTR OPTION "action" "action for match result" 5983 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				redirect == 3 ::: "redirect connection";
				send_403_forbidden ==  10 ::: "send HTTP 403 access forbidden";
				alert_erase == 7 ::: "alert and erase information";
				block-period == 11 ::: "block period(1-3600)";
			}
			defaultval = alert;
			brieflist = 1;
		}
		ATTR INT "block-period" "block period (1-3600)" 5984 {
			VALIDATE RANGE 1:3600;
			defaultval = 60;
			brieflist = 1;
#			condition = 5983:eq:11;
		}
		ATTR OPTION "severity" "severity: High, Medium or Low" 5985 {
			CHOICES {
				High == 1;
				Medium == 2;
				Low == 3;
			}
			defaultval = Medium;
			brieflist = 1;
		}
		ATTR DATASOURCE "trigger" "trigger policy" 5986 {
			datasource = "2090";
			brieflist = 1;
		}
		ATTR OPTION_EN "case-sensitive" "" 5987 {
			defaultval = enable;
			brieflist = 1;
		}
		ATTR STRING "expression" "expression" 5988 {
			brieflist = 1;
			parseflag = "must";
		}
		TABLE "meet-targets" "meet targets" 5989 {
			TABLENAME INT "id" "id" 5990 {
				ATTR OPTION "target" "custom protection rule meet target" 5991 {
					CHOICES {
						REQUEST_FILENAME == 0;
						REQUEST_URI == 1;
						REQUEST_HEADERS_NAMES == 2;
						REQUEST_HEADERS == 3;
						REQUEST_COOKIES_NAMES == 5;
						REQUEST_COOKIES == 6;
						ARGS_NAMES == 7;
						ARGS == 8;
						REQUEST_RAW_URI == 9;
						REQUEST_BODY == 10;
						RESPONSE_STATUS == 11;
						RESPONSE_BODY == 12;
						RESPONSE_HEADER == 14;
					}
					defaultval = REQUEST_FILENAME;
					brieflist = 1;
				}
			}
		}
	}
}

DOMAIN TABLE "waf custom-protection-group" "waf custom data type group" 6000 {
	TABLENAME STRING "name" "name" 6001 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "type-list" "" 6002 {
			parseflag = "movable";
			TABLENAME INT "id" "id" 6003 {
				ATTR DATASOURCE "custom-protection-rule" "custom protection rule" 6004 {
					datasource = "5980";
					brieflist = 1;
				}
			}
		}
	}
}

DOMAIN TABLE "waf ip-intelligence" "waf ip intelligence" 6500 {
	TABLENAME INT "id" "id" 6501 {
		brieflist = 1;
	    ATTR STRING "category" "category name" 6502{

        }
		ATTR OPTION_EN "status" "enable or disable" 6503 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION "action" "action" 6504 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				redirect == 3 ::: "redirect to the default start page";
				send_403_forbidden == 10 ::: "send HTTP 403 access forbidden";
				block-period == 11 ::: "block period";
			}
			defaultval = alert;
			brieflist = 1;
		}
		ATTR INT "block-period" "action block period(1-3600)" 6505 {
			defaultval = 60;
			brieflist = 1;
			VALIDATE RANGE 1:3600;
		}
		ATTR OPTION "severity" "High, Medium or Low" 6506 {
			CHOICES {
				High == 1;
				Medium == 2;
				Low == 3;
			}
			defaultval = Low;
			brieflist = 1;
		}
		ATTR DATASOURCE "trigger" "choose Email or syslog policy" 6507 {
			datasource = "2090";
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "waf ip-intelligence-exception" "waf ip intelligence exception" 6550 {
	TABLENAME INT "id" "id" 6551 {
		brieflist = 1;
		ATTR IPADDR "ip" "exception ip address" 6552 {
			brieflist = 1;
			parseflag = "must";
			ipversion = 4;
			subnet_type = host;
		}
		ATTR OPTION_EN "status" "exception ip status" 6553 {
			defaultval = disable;
			brieflist = 1;
		}
	}
}

GLOBAL COMPLEX "waf ip-intelligence-flag" "ip intelligence flag" 6570 {
	parseflag = "hidden";
	ATTR OPTION_EN "flag" "enable/disable" 6571 {
                brieflist = 1;
                defaultval = disable;
        }
}

GLOBAL COMPLEX "waf fds-update-flag" "FDS update flag" 6590 {
        #parseflag = "hidden";
        ATTR OPTION "status" "None, Pending or Processing" 6591 {
                CHOICES {
                        None == 0;
                        Pending == 1;
                        Processing == 2;
                }

                defaultval = None;
                brieflist = 1;
        }
}

GLOBAL COMPLEX "waf av-update-flag" "waf av update flag" 6580 {
	parseflag = "hidden";
	ATTR OPTION_EN "flag" "update flag" 6581 {
		defaultval = disable;
		brieflist = 1;
	}
}

DOMAIN TABLE "waf signature" "waf signature" 6020 {
        TABLENAME STRING "name" "name" 6021 {
                VALIDATE NO_XSS RELAXED;
                brieflist = 1;
                ATTR DATASOURCE "custom-protection-group" "custom protection group name" 6022 {
                        datasource = "6000";
                        brieflist = 1;
                }
                ATTR INT "credit-card-detection-threshold" "credit card detection threshold" 6023 {
                        VALIDATE RANGE 0:128;
                        brieflist = 1;
                }
                ATTR OPTION "sub_table_type" "sub table type" 6024 {
                        CHOICES {
                                Main == 0 ::: "Main Class List";
                                Sub == 1 ::: "Sub Class Disable List";
                                Signature == 2 ::: "Signature Class List";
                                Filter == 3 ::: "Exception List";
                                Table == 4 ::: "Table Operation";
				Alert-Only == 5 ::: "Alert Only";
                        }
                        brieflist = 1;
                        parseflag = "hidden,readonly";
                }
		ATTR STRING "sub_table_id" "sub table id" 6025 {
                        brieflist = 1;
                        parseflag = "hidden,readonly";
                }
                ATTR OPTION "sub_table_action" "sub table action" 6026 {
                        CHOICES {
                                Add == 0;
                                Edit == 1;
                                Delete == 2;
                        }
                        brieflist = 1;
                        parseflag = "hidden,readonly";
                }
                ATTR INT "filter_id" "filter id" 6027 {
                        brieflist = 1;
                        parseflag = "hidden,readonly";
                }
                ATTR INT "flag_operation" "flag operation" 6028 {
                        brieflist = 1;
                        parseflag = "hidden,readonly";
                }
		TABLE "main_class_list" "signature members main class list" 6029 {
                        TABLENAME STRING "main_class_id" "main class id" 6030 {
                                VALIDATE NO_XSS RELAXED;
                                brieflist = 1;
                                ATTR OPTION_EN "status" "status" 6031 {
                                        defaultval = enable;
                                        brieflist = 1;
                                }
                                ATTR OPTION "action" "action for match result" 6032 {
                                        CHOICES {
                                                alert == 2 ::: "alert";
                                                alert_deny == 6 ::: "deny connection and alert";
                                                redirect == 3 ::: "redirect connection";
                                                send_403_forbidden == 10 ::: "send HTTP 403 access forbidden";
                                                alert_erase == 7 ::: "alert and erase information";
                                                block-period == 11 ::: "block period (1-3600)";
                                                only_erase== 12 ::: "only erase";
                                        }
                                        brieflist = 1;
                                        defaultval = alert;
                                }
				ATTR INT "block-period" "block-period (1-3600)" 6033 {
                                        VALIDATE RANGE 1:3600;
                                        defaultval = 60;
                                        brieflist = 1;
					condition = 6032:eq:11;
                                }
                                ATTR OPTION "severity" "severity" 6034 {
                                        CHOICES {
                                                High == 1;
                                                Medium == 2;
                                                Low == 3;
                                        }
                                        defaultval = Medium;
                                        brieflist = 1;
                                }
                                ATTR DATASOURCE "trigger" "trigger" 6035 {
                                        datasource = "2090";
                                        brieflist = 1;
                                }
                        }
                }
		TABLE "sub_class_disable_list" "signature members sub class disable list" 6036 {
                        TABLENAME STRING "sub_class_id" "sub class id" 6037 {
                                VALIDATE NO_XSS RELAXED;
                                brieflist = 1;
                        }
                }
                TABLE "signature_disable_list" "signature members signature disable list" 6038 {
                        TABLENAME STRING "signature_id" "signature id" 6039 {
                                VALIDATE NO_XSS RELAXED;
                                        brieflist = 1;
                        }
                }
                TABLE "alert_only_list" "signature members signature alert only list" 6047 {
                        TABLENAME STRING "signature_id" "signature id" 6048 {
                                VALIDATE NO_XSS RELAXED;
                                        brieflist = 1;
                        }
                }
                TABLE "filter_list" "signature members exception list" 6040 {
                        TABLENAME INT "id" "id" 6041 {
                                VALIDATE RANGE 0:65535;
                                brieflist = 1;
                                ATTR STRING "signature_id" "filter list signature id" 6042 {
                                        VALIDATE NO_XSS RELAXED;
                                        brieflist = 1;
                                        parseflag = "must";
                                }
                                ATTR OPTION_EN "host-status" "host status" 6043 {
                                        defaultval = disable;
                                        brieflist = 1;
                                }
				ATTR STRING "host" "host" 6044 {
                                        VALIDATE NO_XSS RELAXED;
                                        brieflist = 1;
                                }
				ATTR OPTION "type" "type" 6046 {
					CHOICES {
						plain == 0 ::: "plain text";
						regular == 1 ::: "regular expression";
					}
					defaultval = plain;
					brieflist = 1;
				}
                                ATTR STRING "request-file" "request file" 6045 {
                                        brieflist = 1;
                                }
                        }
                }
        }
}

DOMAIN TABLE "waf x-forwarded-for" "waf x-forwarded-for rule" 6120 {
	TABLENAME STRING "name" "name" 6121 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION_EN "x-forwarded-for-support" "x forwarded for support" 6122 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION_EN "tracing-original-ip" "tracing original IP" 6123 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR STRING "original-ip-header" "original IP header" 6124 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR OPTION_EN "x-real-ip" "X-Real_IP" 6125 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION_EN "x-forwarded-proto" "X-Forwarded-Proto" 6131 {
			defaultval = disable;
			brieflist = 1;
		}
		TABLE "ip-list" "IP list" 6126 {
			TABLENAME INT "id" "id" 6127 {
				ATTR IPADDR "ip" "IP address" 6128 {
					brieflist = 1;
					parseflag = "must";
					ipversion = 4;
					subnet_type = host;
				}
			}
		}
		ATTR OPTION_EN "block-based-on-original-ip" "block-based-on-original-ip" 6129 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION "ip-location" "ip-location" 6130 {
			CHOICES {
				left == 0 ::: "Left X";
				right == 1 ::: "Right X";
			}
			defaultval = left;
			brieflist = 1;
		}
	}
}

GLOBAL COMPLEX "log sensitive" "log sensitive" 2000 {
	ATTR OPTION "type" "type"  2001 {
		multi_opt = 1;
		brieflist = 1;
		CHOICES {
			pre-defined-rule == 2 : SET;
			custom-rule == 4 : SET;
		}
	}
}

GLOBAL COMPLEX "log syslogd" "syslogd" 2150 {
	ATTR OPTION_EN "status" "enable/disable" 2151 {
		brieflist = 1;
		defaultval = disable;
	}
	ATTR OPTION "severity" "severity"  2152 {
		brieflist = 1;
		CHOICES {
			emergency == 0;
			alert == 1;
			critical == 2;
			error == 3;
			warning == 4;
			notification == 5;
			information == 6;
			debug == 7;
		}
		defaultval = information;
	}
	ATTR OPTION "facility" "facility" 2153 {
		brieflist = 1;
		CHOICES {
			kernel == 1;
			user == 2;
			mail == 3;
			daemon == 4;
			auth == 5;
			cron == 10;
			authpriv == 11;
			ftp == 12;
			ntp == 13;
			audit == 14;
			alert == 15;
			clock == 16;
			local0 == 17;
			local1 == 18;
			local2 == 19;
			local3 == 20;
			local4 == 21;
			local5 == 22;
			local6 == 23;
			local7 == 24;
		}
		defaultval = local7;
	}
	ATTR DATASOURCE "policy" "policy" 2154 {
		brieflist = 1;
		datasource = "2020";
	}
}

GLOBAL COMPLEX "system antivirus" "system antivirus" 970 {
	ATTR OPTION "default-db" "basic/extended" 971 {
		brieflist = 1;
		CHOICES {
			basic == 1;
			extended == 2;
		}	
		defaultval = basic;
	}
	ATTR OPTION_EN "scan-bzip2" "enable scanning of bzip2 compressed file" 972 {
		brieflist = 1;
		defaultval = enable;
	}
	ATTR INT "uncomp-size-limit" "uncompress size(KiloByte) limit (limit 1-5000KB)" 973 {
		brieflist = 1;
		defaultval = 5000;
		VALIDATE RANGE 1:5000;
	}
	ATTR INT "uncomp-nest-limit" "maximum uncompress nest level that can be scanned(2-100)" 974 {
		brieflist = 1;
		defaultval = 12;
		VALIDATE RANGE 2:100;
	}
}

GLOBAL TABLE "system report-lang" "system report-language" 270 {
	TABLENAME STRING "name" "name" 271 {		
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR STRING "description" "description" 272 {
			brieflist = 1;
		}
		ATTR OPTION "protected" "" 273 {
			brieflist = 1;
			parseflag = "hidden";
			CHOICES {
				no == 0; #Allow language config to be deleted
				yes == 1; #Set language config read-only
			}
			defaultval = yes;
		}		
	}
}

DOMAIN TABLE "server-policy health" "server health check" 4000 {
	TABLENAME STRING "name" "monitor" 4001 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "monitor type" 4002 {
			CHOICES {
				ping == 1 ::: "icmp checker";
				tcp == 2 ::: "tcp port probe";
				http == 3 ::: "http checker";
			}
			defaultval = tcp;
			brieflist = 1;
		}
		ATTR INT "time-out" "connect timeout" 4003 {
			defaultval = 10;
			brieflist = 1;
			VALIDATE RANGE 1:10;
		}
		ATTR INT "retry-times" "retry times" 4004 {
			defaultval = 5;
			brieflist = 1;
			VALIDATE RANGE 1:10;
		}
		ATTR INT "interval" "interval(sec)" 4005 {
			defaultval = 5;
			brieflist = 1;
			VALIDATE RANGE 1:10;
		}
		ATTR STRING "url-path" "path of the URL, without host name" 4006 {
			brieflist = 1;
			VALIDATE NO_XSS RELAXED;
			condition = 4002:eq:3;
		}
		ATTR DATASOURCE "trigger-policy" "trigger policy" 4007 {
			brieflist = 1;
			datasource = "2090";
		}
		ATTR STRING "regular" "regular expression" 4008 {
			brieflist = 1;
#			condition = 4002:eq:3;
		}
	}
}

DOMAIN TABLE "server-policy pserver" "physical servers" 4010 {
	TABLENAME STRING "name" "physical server name" 4011 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR IPADDR "ip" "physical server ip" 4012 {
			brieflist = 1;
			parseflag = "must";
#			ipversion = 4;
			subnet_type = network;
		}
		ATTR OPTION_EN "status" "physical server status" 4013 {
			defaultval = enable;
		}
	}
}

GLOBAL TABLE "system certificate crl" "system certificate crl" 930 {
	TABLENAME STRING "name" "name" 931 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "type" 932 {
			CHOICES {
				http == 1 ::: "http";
				scep == 2 ::: "scep";
				local == 3 ::: "local";
			}
			defaultval = local;
		}
		ATTR STRING "url" "url" 933 {
			VALIDATE URL RELAXED;
		}
		ATTR STRING "comment" "comment" 934 {
		}
			
	}
}

GLOBAL TABLE "system certificate ca-group" "system certificate ca-group" 900 {
	TABLENAME STRING "name" "name" 901 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "members" "members" 902 {
			TABLENAME INT "<No.>" "The number of ca-group members" 903 {
				ATTR DATASOURCE "name" "name " 904 {
					brieflist = 1;
					datasource = "890";
				}
			}
		}
	}
}

GLOBAL TABLE "system certificate verify" "system certificate verify" 940 {
	TABLENAME STRING "name" "name" 941 {
		VALIDATE NO_XSS RELAXED;
		brieflist =1;
		ATTR DATASOURCE "ca" "ca " 942 {
			brieflist =1;
			datasource = "900";
		}
		ATTR DATASOURCE "ocsp" "ocsp certificate " 943 {
			brieflist =1;
			datasource = "880";
		}
		ATTR DATASOURCE "crl" "crl certificate " 944 {
			brieflist =1;
			datasource = "930";
		}
	}
}

DOMAIN TABLE "server-policy vserver" "server-policy vserver" 4050 {
	TABLENAME STRING "name" "virtual server name" 4051 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR IPADDR_MASK "vip" "virtual ip address " 4052 {
#			parseflag = "must";
			brieflist = 1;
			ipversion = 4;
			subnet_type = host;
		}
		ATTR DATASOURCE "interface" "interface" 4053 {
			parseflag = "must";
			brieflist = 1;
			datasource = "440";
		}
		ATTR OPTION_EN "status" "status:enable/disable" 4054 {
			brieflist = 1;
			defaultval = enable;
		}
		ATTR INT "ip-activity" "whether or not use an existing ip" 4055 {
			brieflist = 1;
			parseflag = "readonly";
		}
		ATTR IPADDR_MASK "vip6" "virtual ip v6 address " 4056 {
			brieflist = 1;
			ipversion = 6;
			subnet_type = host;
		}
	}
}

DOMAIN TABLE "server-policy error-page" "error-page" 4070 {
	TABLENAME STRING "name" "name" 4071 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
	}
}

DOMAIN TABLE "server-policy pattern custom-susp-url" "custom suspicious url" 4100 {
	TABLENAME STRING "name" "custom suspicious url name" 4101 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR STRING "expression" "expression" 4102 {
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "server-policy pattern custom-susp-url-rule" "custom suspicious url rule" 4110 {
	TABLENAME STRING "name" "custom suspicious url rule name" 4111 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "type-list" "type list" 4112 {
			TABLENAME INT "id" "id" 4113 {
				ATTR DATASOURCE "custom-susp-url" "custom suspicious url name" 4114 {
					datasource = "4100";
					parseflag = "must";
					brieflist = 1;
				}
			}
		}
	}
}

#DOMAIN COMPLEX "server-policy pattern global-white-list-group" "global-white-list-group" 4130 {
#	ATTR INT "flag_operation" "flag" 4131 {
#		parseflag = "hidden";
#	}
#}

DOMAIN TABLE "server-policy pattern predefined-global-white-list-group" "predefined global white list group" 4510 {
	TABLENAME STRING "id" "predefined global white list group item id" 4511 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
	}
}

DOMAIN TABLE "server-policy pattern custom-global-white-list-group" "custom global-white-list-group" 4450 {
	TABLENAME INT "id" "custom global whilte list group id" 4451 {
		brieflist = 1;
		ATTR OPTION "type" "type" 4452 {
			CHOICES {
				URL == 1; 
				Parameter == 2; 
				Cookie == 3;
			}
			defaultval = URL;
			brieflist = 1;
		}
		ATTR STRING "name" "name" 4453 {
			VALIDATE NO_XSS RELAXED;
			condition = 4452:eq:2;	
			condition = 4452:eq:3;	
			parseflag = "must";
		}
		ATTR OPTION "request-type" "request type" 4454 {
			CHOICES {
				plain == 0;
				regular == 1;
			}
			defaultval = plain;
			brieflist = 1;
			condition = 4452:eq:1;	
		}
		ATTR STRING "request-file" "request-file" 4455 {
			condition = 4452:eq:1;	
			parseflag = "must";
		}
		ATTR STRING "domain" "domain" 4456 {
			VALIDATE NO_XSS RELAXED;
			condition = 4452:eq:3;	
		}
		ATTR STRING "path" "path" 4457 {
			VALIDATE NO_XSS RELAXED;
			condition = 4452:eq:3;	
		}
		ATTR OPTION_EN "status" "disable/enable" 4458 {
			brieflist = 1;
			defaultval = enable;	
		}
	}
}

DOMAIN COMPLEX "server-policy pattern known-search-engines-group" "known search engines group" 4500 {
	ATTR INT "flag_operation" "flag" 4501 {
		parseflag = "hidden";
	}
}

DOMAIN TABLE "server-policy pattern suspicious-url-rule" "suspicious-url-rule" 4120 {
	TABLENAME STRING "name" "name" 4121 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "type-list" "type-list" 4122 {
			TABLENAME INT "<No.>" "The number of type list members" 4123 {
				ATTR OPTION "server-type" "server-type " 4124 {
					brieflist = 1;
				}
			}
		}
		ATTR DATASOURCE "custom-susp-url-rule" "custom-susp-url-rule" 4125 {
			brieflist = 1;
			datasource = "4110";
		}
		ATTR INT "flag" "flag" 4126 {
			parseflag = "hidden";
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "server-policy allow-hosts" "allow hosts" 4140 {
	TABLENAME STRING "name" "name" 4141 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "default-action" "default action" 4142 {
			CHOICES {
				allow == 1;
				deny == 6;
			}
			brieflist = 1;
			defaultval = allow;
		}
		ATTR INT "flag" "flag" 4143 {
			brieflist = 1;
			parseflag = "hidden,readonly";
		}
		TABLE "host-list" "host list" 4144 {
			TABLENAME INT "id" "id" 4145 {
				ATTR STRING "host" "" 4146 {
					VALIDATE NO_XSS RELAXED;
					brieflist = 1;
					parseflag = "must";
				}
				ATTR OPTION "action" "" 4147 {
					CHOICES {
						allow == 1;
						deny == 6;
					}
					defaultval = allow;
					brieflist = 1;
				}
			}
		}
	}
}

DOMAIN TABLE "server-policy http-content-routing-policy" "http-content-routing-policy" 4060 {
	TABLENAME STRING "name" "name" 4061 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "content-routing-list" "content-routing-list" 4062 {
			TABLENAME INT "<No.>" "name of http content routing policy list " 4063 {
				ATTR OPTION_EN "host-status" "host-status" 4064 {
					brieflist = 1;
					defaultval = disable;
				}
				ATTR STRING "host" "host" 4065 {
					brieflist = 1;
					VALIDATE NO_XSS RELAXED;
				}
				ATTR OPTION "url-type" "url type" 4066 {
					CHOICES {
						Simple-string == 0 ::: "Simple string";
						Regular-expression == 1 ::: "Regular expression";
					}
					defaultval = Simple-string;
					brieflist = 1;
				}
				ATTR STRING "request-url" "request url" 4067 {
					brieflist = 1;
				}
			}
		}
	}
}

DOMAIN TABLE "server-policy pservers" "server-policy pservers" 4200 {
	TABLENAME STRING "name" "name" 4201 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "type" 4202 {
			CHOICES {
				server-balance == 1 ::: "Server balance";
				offline-protection == 2 ::: "offline protection";
				transparent-servers-for-tp == 3 ::: "Transparent servers(for true transparent proxy)";
				transparent-servers-for-ti == 4 ::: "Transparent servers(for transparent inspection)";
				http-content-routing == 5 ::: "HTTP content routing";
			}
	            defaultval = server-balance;
		}
		TABLE "pserver-list" "pserver-list" 4203 {
			parseflag = "movable";
			TABLENAME INT "<No.>" "name of pserver-list" 4204 {
				ATTR OPTION "server-type" "server-type physical or domain" 4205 {
					CHOICES {
						physical == 1 ::: "physical server";
						domain == 2 ::: "domain server";
					}
					defaultval = physical;
				}
				ATTR DATASOURCE "pserver" "physical server" 4206 {
					datasource = "4010";
					condition = 4205:eq:1;
				}
				ATTR DATASOURCE "dserver" "domain server" 4207 {
					datasource = "4020";
					condition = 4205:eq:2;
				}
				ATTR INT "port" "physical or domain server port" 4208 {
					VALIDATE RANGE 1:65535;
					defaultval = 80;
				}
				ATTR INT "weight" "weight" 4209 {
					VALIDATE RANGE 1:9999;
					defaultval = 1;
				}
				ATTR STRING "xpath-expression" "physical or domain server xpath_expression" 4210 {
				}
				ATTR DATASOURCE "http-content-routing-policy" "http-content-routing-policy" 4212 {
					datasource = "4060";
				}
				ATTR OPTION_EN "ssl" "ssl" 4213 {
					defaultval = disable;
				}
				ATTR DATASOURCE "certificate" "certificate" 4214 {
					datasource = "870";
				}
				ATTR DATASOURCE "client-certificate" "client-certificate" 4215 {
					datasource = "870";
#condition = 4202:eq:3;
				}
				ATTR DATASOURCE "certificate-verify" "certificate-verify" 4216 {
					datasource = "940";
#condition = 4202:eq:3;
				}
				ATTR DATASOURCE "intermediate-certificate-group" "intermediate-certificate-group" 4217 {
					datasource = "920";
#condition = 4202:eq:3;
				}
				ATTR OPTION_EN "hsts-header" "hsts header support" 4220 {
					defaultval = disable;
				}
				ATTR INT "hsts-max-age" "hsts max age value" 4221 {
					VALIDATE RANGE 3600:31536000;
					defaultval = 7776000;
				}
			}
		}
		ATTR STRING "comment" "comment" 4218 {
		}
		ATTR INT "flag" "flag" 4219 {
			parseflag = "hidden";
		}
	}
}

DOMAIN TABLE "waf http-protocol-parameter-restriction" "waf http protocol parameter restriction" 5660 {
	TABLENAME STRING "name" "name" 5661 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
#max-http-header-length
		ATTR INT "max-http-header-length" "max length of header, default value is 4096" 5662 {
			VALIDATE RANGE 0:4096;
			defaultval = 4096;
		}
		ATTR OPTION "max-http-header-length-action" "action" 5663 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-http-header-length-block-period" "block period(1-3600)" 5664 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5663:eq:11;
		}
		ATTR OPTION "max-http-header-length-severity" "severity:High, Medium or Low" 5665 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-http-header-length-trigger" "choose Email or syslog policy" 5666 {
			datasource = "2090";
		}
#max-http-content-length
		ATTR INT "max-http-content-length" "max length of content, 0 means this value has not limitation" 5667 {
			VALIDATE RANGE 0:67108864;
			defaultval = 67108864;
		}
		ATTR OPTION "max-http-content-length-action" "action" 5668 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-http-content-length-block-period" "block period(1-3600)" 5669 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5668:eq:11;
		}
		ATTR OPTION "max-http-content-length-severity" "severity:High, Medium or Low" 5670 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-http-content-length-trigger" "choose Email or syslog policy" 5671 {
			datasource = "2090";
		}
#max-http-body-length
		ATTR INT "max-http-body-length" "max length of body, 0 means this value has not limitation" 5672 {
			VALIDATE RANGE 0:67108864;
			defaultval = 67108864;
		}
		ATTR OPTION "max-http-body-length-action" "action" 5673 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-http-body-length-block-period" "block period(1-3600)" 5674 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5673:eq:11;
		}
		ATTR OPTION "max-http-body-length-severity" "severity:High, Medium or Low" 5675 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-http-body-length-trigger" "choose Email or syslog policy" 5676 {
			datasource = "2090";
		}
#max-http-parameter-length
		ATTR INT "max-http-parameter-length" "max length of parameter, default value is 6144" 5677 {
			VALIDATE RANGE 0:6144;
			defaultval = 6144;
		}
		ATTR OPTION "max-http-parameter-length-action" "action" 5678 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-http-parameter-length-block-period" "block period(1-3600)" 5679 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5678:eq:11;
		}
		ATTR OPTION "max-http-parameter-length-severity" "severity:High, Medium or Low" 5680 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "max-http-parameter-length-trigger" "choose Email or syslog policy" 5681 {
			datasource = "2090";
		}
#max-http-header-line-length
		ATTR INT "max-http-header-line-length" "max length of header line, default value is 2048" 5682 {
			VALIDATE RANGE 0:4096;
			defaultval = 2048;
		}
		ATTR OPTION "max-http-header-line-length-action" "action" 5683 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-http-header-line-length-block-period" "block period(1-3600)" 5684 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5683:eq:11;
		}
		ATTR OPTION "max-http-header-line-length-severity" "severity:High, Medium or Low" 5685 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-http-header-line-length-trigger" "choose Email or syslog policy" 5686 {
			datasource = "2090";
		}
#max-http-request-length
		ATTR INT "max-http-request-length" "max length of http request, default value is 67108864 [0,67108864]" 5687 {
			VALIDATE RANGE 0:67108864;
			defaultval = 67108864;
		}
		ATTR OPTION "max-http-request-length-action" "action" 5688 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-http-request-length-block-period" "block period(1-3600)" 5689 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5688:eq:11;
		}
		ATTR OPTION "max-http-request-length-severity" "severity:High, Medium or Low" 5690 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-http-request-length-trigger" "choose Email or syslog policy" 5691 {
			datasource = "2090";
		}
#max-url-parameter-length
		ATTR INT "max-url-parameter-length" "max length of url parameter, default value is 2048 [0,2048]" 5692 {
			VALIDATE RANGE 0:2048;
			defaultval = 2048;
		}
		ATTR OPTION "max-url-parameter-length-action" "action" 5693 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-url-parameter-length-block-period" "block period(1-3600)" 5694 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5693:eq:11;
		}
		ATTR OPTION "max-url-parameter-length-severity" "severity:High, Medium or Low" 5695 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-url-parameter-length-trigger" "choose Email or syslog policy" 5696 {
			datasource = "2090";
		}
#Illegal-http-version-check
		ATTR OPTION_EN "Illegal-http-version-check" "" 5697 {
			defaultval = disable;
		}
		ATTR OPTION "Illegal-http-version-check-action" "action" 5698 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "Illegal-http-version-check-block-period" "block period(1-3600)" 5699 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5698:eq:11;
		}
		ATTR OPTION "Illegal-http-version-check-severity" "severity:High, Medium or Low" 5700 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "Illegal-http-version-check-trigger" "choose Email or syslog policy" 5701 {
			datasource = "2090";
		}
#max-cookie-in-request
		ATTR INT "max-cookie-in-request" "max count of cookie request, default value is 16 [0,32]" 5702 {
			VALIDATE RANGE 0:32;
			defaultval = 16;
		}
		ATTR OPTION "max-cookie-in-request-action" "action" 5703 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-cookie-in-request-block-period" "block period(1-3600)" 5704 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5703:eq:11;
		}
		ATTR OPTION "max-cookie-in-request-severity" "severity:High, Medium or Low" 5705 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-cookie-in-request-trigger" "choose Email or syslog policy" 5706 {
			datasource = "2090";
		}
#max-header-line-request
		ATTR INT "max-header-line-request" "max count of header line request, default value is 32 [0,32]" 5707 {
			VALIDATE RANGE 0:32;
			defaultval = 32;
		}
		ATTR OPTION "max-header-line-request-action" "action" 5708 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-header-line-request-block-period" "block period(1-3600)" 5709 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5708:eq:11;
		}
		ATTR OPTION "max-header-line-request-severity" "severity:High, Medium or Low" 5710 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-header-line-request-trigger" "choose Email or syslog policy" 5711 {
			datasource = "2090";
		}
#Illegal-http-request-method-check
		ATTR OPTION_EN "Illegal-http-request-method-check" "" 5712 {
			defaultval = disable;
		}
		ATTR OPTION "Illegal-http-request-method-action" "action" 5713 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert_deny;
		}
		ATTR INT "Illegal-http-request-method-block-period" "block period(1-3600)" 5714 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5713:eq:11;
		}
		ATTR OPTION "Illegal-http-request-method-severity" "severity:High, Medium or Low" 5715 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "Illegal-http-request-method-trigger" "choose Email or syslog policy" 5716 {
			datasource = "2090";
		}
#max-url-parameter
		ATTR INT "max-url-parameter" "max length of url parameter, default value is 16 [0,64]" 5717 {
			VALIDATE RANGE 0:64;
			defaultval = 16;
		}
		ATTR OPTION "max-url-parameter-action" "action" 5718 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "max-url-parameter-block-period" "block period(1-3600)" 5719 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5718:eq:11;
		}
		ATTR OPTION "max-url-parameter-severity" "severity:High, Medium or Low" 5720 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "max-url-parameter-trigger" "choose Email or syslog policy" 5721 {
			datasource = "2090";
		}
#Illegal-host-name-check
		ATTR OPTION_EN "Illegal-host-name-check" "" 5722 {
			defaultval = disable;
		}
		ATTR OPTION "Illegal-host-name-check-action" "action" 5723 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert_deny;
		}
		ATTR INT "Illegal-host-name-check-block-period" "block period(1-3600)" 5724 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5723:eq:11;
		}
		ATTR OPTION "Illegal-host-name-check-severity" "severity:High, Medium or Low" 5725 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "Illegal-host-name-check-trigger" "choose Email or syslog policy" 5726 {
			datasource = "2090";
		}
#number-of-ranges-in-range-header
		ATTR INT "number-of-ranges-in-range-header" "max ranges in Range Header,default value is 5 [0 ,64]" 5727 {
			VALIDATE RANGE 0:64;
			defaultval = 5;
		}
		ATTR OPTION "number-of-ranges-in-range-header-action" "action" 5728 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "number-of-ranges-in-range-header-block-period" "block period(1-3600)" 5729 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5728:eq:11;
		}
		ATTR OPTION "number-of-ranges-in-range-header-severity" "severity:High, Medium or Low" 5730 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Low;	
		}
		ATTR DATASOURCE "number-of-ranges-in-range-header-trigger" "choose Email or syslog policy" 5731 {
			datasource = "2090";
		}
#exception_name
		ATTR DATASOURCE "exception_name" "exception" 5732 {
			datasource = "5860";
		}
#block-malformed-request-check
		ATTR OPTION_EN "block-malformed-request-check" "block malformed request check" 5733 {
			defaultval = disable;
		}
		ATTR OPTION "block-malformed-request-action" "action" 5734 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert_deny;
		}
		ATTR INT "block-malformed-request-block-period" "block period(1-3600)" 5735 {
			defaultval = 60;
			VALIDATE RANGE 1:3600;
#condition = 5734:eq:11;
		}
		ATTR OPTION "block-malformed-request-severity" "severity:High, Medium or Low" 5736 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "block-malformed-request-trigger" "choose Email or syslog policy" 5737 {
			datasource = "2090";
		}
	}
}

DOMAIN TABLE "waf brute-force-login" "waf brute force login" 6180 {
	TABLENAME STRING "name" "name" 6181 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		TABLE "login-page-list" "login-page-list" 6182 {
			TABLENAME INT "<NO.>" "the name of login page list" 6183 {
				ATTR STRING "host" "" 6184 {
					VALIDATE NO_XSS RELAXED;
				}
				ATTR STRING "request-file" "request-file" 6185 {
					parseflag = "must";
				}
				ATTR INT "access-limit-standalone-ip" "access limit for standalone ip" 6186 {
					VALIDATE RANGE 1:10000;
					parseflag = "must";
				}
				ATTR OPTION_EN "ip-port-enable" "ip port:disable/enable" 6187 {
					defaultval = disable;
				}
				ATTR INT "access-limit-share-ip" "access limit for share ip" 6188 {
					VALIDATE RANGE 1:10000;
					parseflag = "must";
				}
				ATTR INT "block-period" "block period(1-10000)" 6189 {
					VALIDATE RANGE 1:10000;
					defaultval = 60;
				}
				ATTR OPTION_EN "host-status" "host status:disable/enable" 6190 {
					defaultval = disable;
				}
			}
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 6191 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "trigger" "choose Email or syslog policy" 6192 {
			datasource = "2090";
		}
		ATTR INT "flag" "flag" 6193 {
			brieflist = 1;
			parseflag = "hidden,readonly";
		}
	}
}

DOMAIN TABLE "waf file-upload-restriction-policy" "waf file upload restriction policy" 6220 {
	TABLENAME STRING "name" "name" 6221 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		parseflag = "keeporder";
		ATTR OPTION "action" "action" 6222 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert_deny;
		}
		ATTR INT "block-period" "block period(1-3600)" 6223 {
			defaultval = 60;
			condition = 6222:eq:11;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 6224 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "trigger" "choose Email or syslog policy" 6225 {
			datasource = "2090";
		}
		ATTR OPTION_EN "av-scan" "AV scan upload file" 6226 {
			defaultval = disable;
		}
		TABLE "rule" "rule" 6227 {
			parseflag = "movable";
			TABLENAME INT "<NO.>" "the name of rule" 6228 {
				ATTR DATASOURCE "file-upload-restriction-rule" "file-upload-restriction-rule" 6229 {
					datasource = "6200";
				}	
			}
		}
	}
}

DOMAIN TABLE "waf layer4-connection-flood-check-rule" "waf layer4 connection flood check rule" 5160 {
	TABLENAME STRING "name" "name" 5161 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR INT "layer4-connection-threshold" "layer4_conn_threshold(1,65535)" 5162 {
			defaultval = 1;
			VALIDATE RANGE 1:65535;
		}
		ATTR OPTION "action" "action" 5163 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block period";
			}
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 5164 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = High;	
		}
		ATTR DATASOURCE "trigger-policy" "choose Email or syslog policy" 5165 {
			datasource = "2090";
		}
		ATTR INT "block-period" "action block period(1~3600)" 5166 {
			brieflist = 1;
			defaultval = 60;
			VALIDATE RANGE 1:3600;
                        condition = 5163:eq:11;
		}
	}
}

DOMAIN TABLE "waf application-layer-dos-prevention" "waf application layer dos prevention" 5180 {
	TABLENAME STRING "name" "name" 5181 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
#ATTR DATASOURCE "active-script-rule" "active-script-rule" 5182 {
#datasource = "5080";
#}
		ATTR OPTION_EN "enable-http-session-based-prevention" "enable-http-session-based-prevention" 5183 {
			defaultval = disable;
		}
		ATTR DATASOURCE "http-request-flood-prevention-rule" "http-request-flood-prevention-rule" 5184 {
			datasource = "5100";
		}
		ATTR DATASOURCE "http-connection-flood-check-rule" "http-connection-flood-check-rule" 5185 {
			datasource = "5120";
		}
		ATTR OPTION_EN "enable-layer4-dos-prevention" "enable-layer4-dos-prevention" 5186 {
			defaultval = disable;
		}
		ATTR DATASOURCE "layer4-access-limit-rule" "layer4-access-limit-rule" 5187 {
			datasource = "5140";
		}
		ATTR DATASOURCE "layer4-connection-flood-check-rule" "layer4-connection-flood-check-rule" 5188 {
			datasource = "5160";
		}

	}
}

DOMAIN TABLE "waf custom-access rule" "waf custom access rule" 6800 {
	TABLENAME STRING "name" "name" 6801 {
		VALIDATE NO_XSS RELAXED;
		ATTR OPTION "action" "action" 6802 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				block-period == 11 ::: "block-period";
			}
			defaultval = alert;
		}
		ATTR INT "block-period" "block period(1-3600)" 6803 {
			defaultval = 60;
			condition = 6802:eq:11;
		}
		ATTR OPTION "severity" "severity:High, Medium or Low" 6804 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = Medium;	
		}
		ATTR DATASOURCE "trigger" "choose Email or syslog policy" 6805 {
			datasource = "2090";
		}
		TABLE "access-limit-filter" "access-limit-filter" 6806 {
			TABLENAME INT "<NO.>" "the name of access-limit-filter" 6807 {
				ATTR INT "access-rate-limit" "access-rate-limit" 6808 {
					VALIDATE RANGE 1:65535;
				}
			}
		}
		TABLE "http-header-filter" "http-header-filter" 6809 {
			TABLENAME INT "<NO.>" "the name of http-header-filter" 6810 {
				ATTR OPTION "header-name-type" "header-name-type" 6811 {
					CHOICES {
						predefined == 1 ::: "predefinded headername";
						custom == 2 ::: "custom headername";
					}
					defaultval = predefined;	
				}
				ATTR OPTION "predefined-header" "predefined-header" 6812 {
					CHOICES {
						host == 0 ::: "Host";
						connection == 1 ::: "Connection";
						authorization == 2 ::: "Authorization";
						x-pad == 3 ::: "X-Pad";
						cookie == 4 ::: "Cookie";
						referer == 5 ::: "Referer";
						user-agent == 6 ::: "User-Agent";
						X-Forwarded-For == 7 ::: "X-Forwarded-For";
						Accept == 8 ::: "Accept";
					}
					defaultval = host;	
				}
				ATTR STRING "custom-header-name" "custom-header-name" 6813 {
					parseflag = "must";
					condition = 6811:eq:2;
				}
				ATTR STRING "header-value" "header-value" 6814 {
					parseflag = "must";
				}
				ATTR OPTION "pre-header-type" "predefined header value type: simple string or regular expression" 6822 {
 					CHOICES {
						plain == 0 ::: "simple-string";
 						regular == 1 ::: "regex-expression";
 					}
 					defaultval = plain;
 				}
 				ATTR OPTION_EN "pre-header-rev-match" "predefined header value reverse match" 6823 {
 					defaultval = disable;
 				}
 				ATTR OPTION "cus-header-type" "custom defined header value type: simple string or regular expression" 6824 {
 					CHOICES {
 						plain == 0 ::: "simple-string";
 						regular == 1 ::: "regex-expression";
 					}
 					defaultval = plain;
 				}
 				ATTR OPTION_EN "cus-header-rev-match" "custom defined header value reverse match" 6825 {
 					defaultval = disable;
 				}
			}
		}
		TABLE "source-ip-filter" "source-ip-filter" 6815 {
			TABLENAME INT "<NO.>" "the name of source-ip-filter" 6816 {
				ATTR IPADDR "source-ip" "source-ip" 6817 {
					brieflist = 1;
					parseflag = "must";
					#ipversion = 4;
					subnet_type = host;
				}
			}
		}
		TABLE "url-filter" "url-filter" 6818 {
			TABLENAME INT "<NO.>" "the name of url-filter" 6819 {
				ATTR OPTION "reverse-match" "reverse-match" 6820 {
					CHOICES {
						yes == 1 ::: "unmatch this condition";
						no == 0 ::: "match this condition";
					}
				}
				ATTR STRING "request-file" "request-file" 6821 {
					parseflag = "must";
				}
			}
		}
	}
}

DOMAIN TABLE "waf custom-access policy" "waf custom access policy " 6830 {
	TABLENAME STRING "name" "name" 6831 {
		VALIDATE NO_XSS RELAXED;
		TABLE "rule" "rule" 6832 {
			parseflag = "movable";
			TABLENAME INT "<NO.>" "the name of rule" 6833 {
				ATTR DATASOURCE "rule-name" "rule-name" 6835 {
					datasource = 6800;
                    parseflag = "must";
				}
			}
		}
	}
}

DOMAIN TABLE "waf site-publish-helper rule" "site publish helper rule" 4400 {
	TABLENAME STRING "published-site" "primary key" 4401 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION_EN "status" "status" 4402 {
			defaultval = enable;
		}
		ATTR OPTION "client-auth-method" "client auth method" 4403 {
			CHOICES {
				http-auth == 1 ::: "http auth";
				html-form-auth == 2 ::: "html form auth";
			}
			brieflist = 1;
			defaultval = html-form-auth;
		}
		ATTR OPTION "auth-method" "auth method" 4404 {
			CHOICES {
				ldap == 1 ::: "ldap";
				radius == 2 ::: "radius";
			}
			brieflist = 1;
			defaultval = ldap;
		}
		ATTR DATASOURCE "ldap-server" "ldap server" 4405 {
			datasource = "1020";
			brieflist = 1;
		}
		ATTR DATASOURCE "radius-server" "radius server" 4406 {
			datasource = "1040";
			brieflist = 1;
		}
		ATTR OPTION "auth-delegation" "auth delegation" 4407 {
			CHOICES {
				no-delegation == 1 ::: "no-delegation";
				http-basic == 2 ::: "http-basic";
			}
			brieflist = 1;
			defaultval = no-delegation;
		}
		ATTR OPTION_EN "sso-support" "sso-support" 4408 {
			defaultval = disable;
		}
		ATTR STRING "sso-domain" "sso-domain" 4409 {

		}
		ATTR STRING "path" "path must start with /" 4410 {
			VALIDATE REGEX "^/";
			parseflag = "must";
			brieflist = 1;
		}
		ATTR OPTION "alert-type" "alert type" 4411 {
			CHOICES {
				none == 0 ::: "none";
				fail == 1 ::: "failed only";
				success == 2 ::: "successful only";
				all == 3 ::: "all";
			}
			defaultval = none;
			brieflist = 1;
		}
		ATTR STRING "Published-Server-Logoff-Path" "Published Server Logoff path must start with /" 4412 {
			VALIDATE REGEX "^/";
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "waf site-publish-helper policy" "site publish helper policy" 4440 {
	TABLENAME STRING "name" "name" 4441 {
		VALIDATE NO_XSS RELAXED;
		TABLE "rule" "rule" 4442 {
			TABLENAME INT "<NO.>" "the name of rule" 4443 {
				ATTR DATASOURCE "rule-name" "rule-name" 4444 {
					datasource = 4400;
                    parseflag = "must";
				}
			}
		}
	}
}

DOMAIN TABLE "waf web-protection-profile inline-protection" "inline profile" 6240 {
	TABLENAME STRING "name" "name" 6241 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION_EN "http-session-management" "http-session-management" 6242 {
			defaultval = disable;
		}
		ATTR INT "http-session-timeout" "http-session-timeout(20-1200)" 6243 {
			VALIDATE RANGE 20:1200;
			defaultval = 1200;
			condition = 6242:eq:1;
		}
		ATTR DATASOURCE "url-access-policy" "url-access-policy" 6244 {
			datasource = "5640";
			brieflist = 1;
		}
		ATTR DATASOURCE "signature-rule" "signature-rule" 6245 {
			datasource = "6020";
			brieflist = 1;
		}
		ATTR DATASOURCE "x-forwarded-for-rule" "x-forwarded-for-rule" 6246 {
			datasource = "6120";
			brieflist = 1;
		}
		ATTR DATASOURCE "page-access-rule" "page-access-rule" 6247 {
			datasource = "5460";
			brieflist = 1;
			condition = 6242:eq:1;
		}
		ATTR DATASOURCE "parameter-validation-rule" "parameter-validation-rule" 6248 {
			datasource = "5370";
			brieflist = 1;
		}
		ATTR DATASOURCE "hidden-fields-protection" "hidden-fields-protection" 6249 {
			datasource = "5440";
			brieflist = 1;
			condition = 6242:eq:1;
		}
		ATTR DATASOURCE "start-pages" "start-pages" 6250 {
			datasource = "6140";
			brieflist = 1;
			condition = 6242:eq:1;
		}
		ATTR DATASOURCE "allow-method-policy" "allow-method-policy" 6251 {
			datasource = "5570";
			brieflist = 1;
		}
		ATTR DATASOURCE "brute-force-login" "brute-force-login" 6252 {
			datasource = "6180";
			brieflist = 1;
		}
#		ATTR DATASOURCE "robot-control" "robot-control" 6253 {
#			datasource = "6160";
#			brieflist = 1;
#		}
		ATTR DATASOURCE "url-rewrite-policy" "url-rewrite-policy" 6254 {
			datasource = "5530";
			brieflist = 1;
		}
		ATTR DATASOURCE "http-authen-policy" "http-authen-policy" 6255 {
			datasource = "5260";
			brieflist = 1;
		}
		ATTR OPTION_EN "cookie-poison" "cookie-poison" 6256 {
			defaultval = disable;
		}
		ATTR OPTION "cookie-poison-action" "action" 6257 {
			CHOICES {
				alert == 2 ::: "alert";
				alert_deny == 6 ::: "deny connection and alert";
				remove_cookie == 5 ::: "remove cookie";
				block-period == 11 ::: "block period";
			}
			defaultval = alert;
	#		condition = 6256:eq:1;
		}
		ATTR INT "block-period" "action block period(1-3600)" 6258 {
			VALIDATE RANGE 1:3600;
			defaultval = 60;
	#		condition = 6256:EQ:1;
	#		condition = 6257:EQ:11;
		}
		ATTR OPTION "cookie-poison-severity" "High, Medium or Low" 6259 {
			CHOICES {
				High == 1 ::: "High";
				Medium == 2 ::: "Medium";
				Low == 3 ::: "Low";
			}
			brieflist = 1;
			defaultval = High;	
	#		condition = 6256:eq:1;			
		}
		ATTR DATASOURCE "cookie-poison-trigger" "choose Email or syslog policy" 6260 {
			datasource = "2090";
			brieflist = 1;
	#		condition = 6256:eq:1;
		}
		ATTR DATASOURCE "file-upload-policy" "file-upload-policy" 6261 {
			datasource = "6220";
			brieflist = 1;
		}
		ATTR DATASOURCE "http-protocol-parameter-restriction" "http-protocol-parameter-restriction" 6262 {
			datasource = "5660";
			brieflist = 1;
		}
		ATTR STRING "redirect-url" "Http redirect URL" 6263 {
		}
		ATTR OPTION_EN "amf3-protocol-detection" "amf3-protocol-detection" 6264 {
			defaultval = disable;
		}
		ATTR OPTION_EN "rdt-reason" "redirect URL with reason" 6265 {
			defaultval = disable;
		}
		ATTR DATASOURCE "ip-list-policy" "ip-list-policy" 6266 {
			datasource = "5220";
			brieflist = 1;
		}
		ATTR DATASOURCE "file-compress-rule" "file-compress-rule" 6267 {
			datasource = "5040";
			brieflist = 1;
		}
		ATTR DATASOURCE "file-uncompress-rule" "file-uncompress-rule" 6268 {
			datasource = "5020";
			brieflist = 1;
		}
		ATTR DATASOURCE "application-layer-dos-prevention" "application-layer-dos-prevention" 6269 {
			datasource = "5180";
			brieflist = 1;
		}
		ATTR OPTION_EN "data-analysis" "data-analysis" 6270 {
			defaultval = disable;
		}
		ATTR DATASOURCE "geo-block-list-policy" "geo-block-list-policy" 6271 {
			datasource = "5200";
			brieflist = 1;
		}
		ATTR DATASOURCE "custom-access-policy" "custom-access-policy" 6272 {
			datasource = "6830";
			brieflist = 1;
		}
		ATTR OPTION_EN "xml-protocol-detection" "enable/disable xml protocol detection" 6273 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION_EN "malformed-xml-check" "" 6274 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION "malformed-xml-check-action" "" 6275 {
			CHOICES {
				alert == 2 ::: "alert";
                                alert_deny == 6 ::: "deny connection and alert";
                                block-period == 11 ::: "block period";
			}
			defaultval = alert;
			brieflist = 1;
		}
		ATTR INT "malformed-xml-block-period" "action block period(1~3600)" 6276 {
			VALIDATE RANGE 1:3600;
			brieflist = 1;
			defaultval = 60;
		}
		ATTR OPTION "malformed-xml-check-severity" "High, Medium or Low" 6277 {
			CHOICES {
				High == 1 ::: "High";
                                Medium == 2 ::: "Medium";
                                Low == 3 ::: "Low";
			}
			defaultval = High;
			brieflist = 1;
		}
		ATTR DATASOURCE "malformed-xml-check-trigger" "choose Email or syslog policy" 6278 {
			datasource = "2090";
			brieflist = 1;
		}
		ATTR OPTION_EN "ip-intelligence" "ip intelligence" 6279 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION_EN "known-search-engine" "allow known search engine" 6280 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR DATASOURCE "site-publish-helper" "site publish helper" 6281 {
			datasource = "4440";
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "waf web-protection-profile offline-protection" "offline profile" 6340 {
	TABLENAME STRING "name" "name" 6341 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		parseflag = "keeporder";
		ATTR OPTION_EN "http-session-management" "http-session-management" 6342 {
			defaultval = disable;
		}
		ATTR INT "http-session-timeout" "http-session-timeout(20-1200)" 6343 {
			VALIDATE RANGE 20:1200;
			defaultval = 1200;
			#condition = 6342:eq:1;
		}
		ATTR DATASOURCE "url-access-policy" "url-access-policy" 6344 {
			datasource = "5640";
			brieflist = 1;
		}
		ATTR STRING "http-session-keyword" "http-session-keyword" 6345 {
			VALIDATE NO_XSS RELAXED;
			#condition = 6342:eq:1;
		}
		ATTR DATASOURCE "hidden-fields-protection" "hidden-fields-protection" 6346 {
			datasource = "5440";
			brieflist = 1;
			#condition = 6342:eq:1;
		}
		ATTR DATASOURCE "signature-rule" "signature-rule" 6347 {
			datasource = "6020";
			brieflist = 1;
		}
		ATTR DATASOURCE "x-forwarded-for-rule" "x-forwarded-for-rule" 6348 {
			datasource = "6120";
			brieflist = 1;
		}
		ATTR DATASOURCE "parameter-validation-rule" "parameter-validation-rule" 6349 {
			datasource = "5370";
			brieflist = 1;
		}
		ATTR DATASOURCE "file-upload-policy" "file-upload-policy" 6350 {
			datasource = "6220";
			brieflist = 1;
		}
		ATTR DATASOURCE "allow-method-policy" "allow-method-policy" 6351 {
			datasource = "5570";
			brieflist = 1;
		}
#		ATTR DATASOURCE "robot-control" "robot-control" 6352 {
#			datasource = "6160";
#			brieflist = 1;
#		}
#		ATTR DATASOURCE "http-authen-policy" "http-authen-policy" 6353 {
#			datasource = "5260";
#			brieflist = 1;
#		}
		ATTR DATASOURCE "http-protocol-parameter-restriction" "http-protocol-parameter-restriction" 6354 {
			datasource = "5660";
			brieflist = 1;
		}
		ATTR OPTION_EN "amf3-protocol-detection" "amf3-protocol-detection" 6355 {
			defaultval = disable;
		}
		ATTR DATASOURCE "ip-list-policy" "ip-list-policy" 6356 {
			datasource = "5220";
			brieflist = 1;
		}
		ATTR DATASOURCE "geo-block-list-policy" "geo-block-list-policy" 6357 {
			datasource = "5200";
			brieflist = 1;
		}
		ATTR DATASOURCE "file-uncompress-rule" "file-uncompress-rule" 6358 {
			datasource = "5020";
			brieflist = 1;
		}
		ATTR DATASOURCE "brute-force-login" "brute-force-login" 6359 {
			datasource = "6180";
			brieflist = 1;
		}
		ATTR OPTION_EN "data-analysis" "data-analysis" 6360 {
			defaultval = disable;
		}
		ATTR DATASOURCE "custom-access-policy" "custom-access-policy" 6361 {
			datasource = "6830";
			brieflist = 1;
		}
		ATTR OPTION_EN "xml-protocol-detection" "enable/disable xml protocol detection" 6362 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION_EN "malformed-xml-check" "" 6363 {
			defaultval = disable;
			brieflist = 1;
		}
		ATTR OPTION "malformed-xml-check-action" "" 6364 {
			CHOICES {
				alert == 2 ::: "alert";
                                alert_deny == 6 ::: "deny connection and alert";
                                block-period == 11 ::: "block period";
			}
			defaultval = alert;
			brieflist = 1;
		}
		ATTR INT "malformed-xml-check-block-period" "action block period(1~3600)" 6365 {
			VALIDATE RANGE 1:3600;
			brieflist = 1;
			defaultval = 60;
		}
		ATTR OPTION "malformed-xml-check-severity" "High, Medium or Low" 6366 {
			CHOICES {
				High == 1 ::: "High";
                                Medium == 2 ::: "Medium";
                                Low == 3 ::: "Low";
			}
			defaultval = High;
			brieflist = 1;
		}
		ATTR DATASOURCE "malformed-xml-check-trigger" "choose Email or syslog policy" 6367 {
			datasource = "2090";
			brieflist = 1;
		}
		ATTR OPTION_EN "ip-intelligence" "ip intelligence" 6368 {
                        defaultval = disable;
                        brieflist = 1;
                }
		ATTR OPTION_EN "known-search-engine" "allow known search engine" 6369 {
			defaultval = disable;
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "waf web-protection-profile autolearning-profile" "waf auto learning profile" 6440 {
        TABLENAME STRING "name" "name" 6441 {
                VALIDATE NO_XSS RELAXED;
                brieflist = 1;
                ATTR DATASOURCE "data-type-group" "data type group" 6442 {
                        datasource = "4090";
                        brieflist = 1;
                }
                ATTR DATASOURCE "suspicious-url-rule" "suspicious url rule" 6443 {
                        datasource = "4120";
                        brieflist = 1;
                }
		ATTR INT "attack-count-threshold" "attack count threshold" 6444 {
			VALIDATE RANGE 1:2147483647;
			defaultval = 100;
			brieflist = 1;
		}
		ATTR INT "attack-percent-range" "attack percent range" 6445 {
			VALIDATE RANGE 1:10000;
			defaultval = 5;
			brieflist = 1;
		}
		ATTR DATASOURCE "application-policy" "application policy" 6446 {
			datasource = "4180";
			brieflist = 1;
		}
        }
}


GLOBAL TABLE "wad website" "Web Site with Anti-Defacement" 9300 {
	TABLENAME INT "id" "website id" 9301 {
		VALIDATE RANGE 1:16;
		brieflist = 1;
		ATTR STRING "name" "name of this website" 9302 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
			parseflag = "must";
		}
		ATTR STRING "description" "description of this website" 9303 {
			brieflist = 1;
		}
		ATTR OPTION_EN "monitor" "whether to enable monitoring this website : [enable|disable]" 9304 {
			defaultval = enable;
			brieflist = 1;
		}
		ATTR STRING "hostname-ip" "Hostname or IP address of the website" 9305 {
			VALIDATE HOSTNAME RELAXED;
			brieflist = 1;
		}
		ATTR OPTION "connect-type" "conection type : [FTP | SSH | SMB]" 9306 {
			CHOICES {
				ftp == 0 ::: "connect by ftp";
				ssh == 1 ::: "connect by ssh";
				smb == 2 ::: "connect by windows share";
			}
			defaultval = ftp;
			brieflist = 1;
		}
		ATTR INT "port" "port, scale: [1-65535], only available for FTP or SSH" 9307 {
			VALIDATE RANGE 1:65535;
			defaultval = 21;
			condition = 9306:ne:2;
			brieflist = 1;
		}
		ATTR STRING "share-name" "windows share name" 9308 {
			VALIDATE NO_XSS RELAXED;
			condition = 9306:eq:2; 
			brieflist = 1;
		}
		ATTR STRING "web-folder" "website folder to be monitored" 9309 {
			VALIDATE NO_XSS RELAXED;
			condition = 9306:ne:2;
			brieflist = 1;
		}
		ATTR STRING "user" "user name" 9310 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR PASSWD "password" "password" 9311 {
			brieflist = 1;
		}
		ATTR DATASOURCE "alert-email" "alert email address list, seperated by commar" 9312 {
			datasource = "2030";
			brieflist = 1;
		}
		ATTR INT "interval-root" "monitor interval for pages under root directory, unit: second" 9313 {
			VALIDATE RANGE 1:86400;
			defaultval = 60;
			brieflist = 1;
		}
		ATTR INT "interval-other" "monitor interval of all pages under non root directory, unit: second" 9314 {
			VALIDATE RANGE 1:86400;
			defaultval = 600;
			brieflist = 1;
		}
		ATTR INT "monitor-depth" "max depth of web folder" 9315 {
			VALIDATE RANGE 1:10;
			defaultval = 5;
			brieflist = 1;
		}
		ATTR INT "backup-max-fsize" "maximum size of web site file to be backuped, unit: KByte" 9316 {
			VALIDATE RANGE 1:1048576;
			defaultval = 10240;
		}
		ATTR STRING "backup-skip-ftype" "file suffix to be skipped, seperated by commar. For example: [avi,iso,rmvb]" 9317 {
			VALIDATE NO_XSS RELAXED;
			brieflist = 1;
		}
		ATTR INT "last-backup-time" "last backup time" 9318 {
			brieflist = 1;
			parseflag = "hidden";
		}
		ATTR OPTION_EN "auto-restore" "automatically restore web file changes" 9319 {
			defaultval = disable;
			brieflist = 1;
		}
	}
}

DOMAIN TABLE "log reports" "reports" 2180 {
    TABLENAME STRING "report_name" "report name" 2181 {
        VALIDATE NO_XSS RELAXED;		
        ATTR STRING "report_title" "report title" 2182 {
            VALIDATE NO_XSS RELAXED;
            brieflist = 1;
#parseflag = "must";
        }
        ATTR STRING "report_desc" "report description" 2183 {
            brieflist = 1;
#parseflag = "must";
        }
        ATTR OPTION "report_protected" "Set report config read-only, for FortiWeb administrators" 2184 {
            CHOICES {
                no == 0 ::: "Allow report config to be modified";
                yes == 1 ::: "Set report config read-only";
            }
            parseflag = "hidden";
            defaultval = no;
        }
        ATTR OPTION "include_nodata" "Set display/hide reports with no matching data" 2185 {
            CHOICES {
                no == 0 ::: "Hide reports with no matching data";
                yes == 1 ::: "Display reports with no matching data";
            }
            defaultval = no;
        }
        ATTR OPTION "on_demand" "Set report profile on-demand" 2186 {
            CHOICES {
                disable == 0 ::: "Not an on-demand report";
                enable == 1 ::: "An on-demand report";
            }
            defaultval = disable;
        }
        ATTR OPTION "period_type" "time period of the default report" 2187 {
            CHOICES {
                today == 0 ::: "Today";
                yesterday == 1 ::: "Yesterday";
                last-n-hours == 2 ::: "Last N Hours";
                this-week == 3 ::: "This Week";
                last-week == 4 ::: "Last Week";
                last-7-days == 5 ::: "Last 7 Days";
                last-n-days == 6 ::: "Last N Days";
                last-2-weeks == 7 ::: "Last 2 Weeks";
                last-14-days == 8 ::: "Last 14 Days";
                this-month == 9 ::: "This Month";
                last-month == 10 ::: "Last Month";
                last-30-days == 11 ::: "Last 30 Days";
                last-n-weeks == 12 ::: "Last N Weeks";
                this-quarter == 13 ::: "This Quarter";
                last-quarter == 14 ::: "Last Quarter";
                this-year == 15 ::: "This Year";
                other == 16 ::: "Other Specified Dates and Times";
            }
            defaultval = last-7-days;
        }
        ATTR INT "period_last_n" "last N hours/days/weeks" 2188 {
            brieflist = 1;
            condition = 2187:eq:2;	
            condition = 2187:eq:6;	
            condition = 2187:eq:12;	
#parseflag = "must";
        }
        ATTR USER "period_start" "start date and time <hh:mm yyyy/mm/dd>" 2189 {
            defaultval = "00:00 2001/1/1";
            brieflist = 1;
            condition = 2187:eq:16;	
#parseflag = "must";
        }
        ATTR USER "period_end" "end date and time <hh:mm yyyy/mm/dd>" 2190 {
            defaultval = "00:00 2001/1/1";
            brieflist = 1;
            condition = 2187:eq:16;	
#parseflag = "must";
        }
        ATTR INT "scope_top1" "show top X values of the 1st variable in Ranked Reports" 2191 {
            VALIDATE RANGE 1:30;
            brieflist = 1;
            defaultval = 6;
        }
        ATTR INT "scope_top2" "show top Y values of the 2nd variable in Ranked Reports" 2192 {
            VALIDATE RANGE 1:30;
            brieflist = 1;
            defaultval = 3;
        }
        ATTR OPTION "scope_include_summary" "whether include summary information in the report" 2193 {
            CHOICES {
                no == 0 ::: "Do not include summary in the report";
                yes == 1 ::: "Include summary in the report";
            }
            defaultval = yes;
        }
        ATTR OPTION "scope_include_table_of_content" "whether include table of content in the report" 2194 {
            CHOICES {
                no == 0 ::: "Do not include table of content in the report";
                yes == 1 ::: "Include table of content in the report";
            }
            defaultval = yes;
        }
        ATTR OPTION "Report_pci_activity" "PCI_Activity" 2195 {
            multi_opt = 1;
            CHOICES {
                pci-attacks-date-type == 1 :SET:: "PCI_Attacks_by_Date_and_Top_Attack_Types";
                pci-attacks-month-type == 2 :SET:: "PCI_Attacks_by_Month_and_Top_Attack_Types";
                pci-attacks-day-type == 4 :SET:: "PCI_Attacks_by_Day_of_Week_and_Top_Attack_Types";
                pci-attacks-hour-type == 8 :SET:: "PCI_Attacks_by_Hour_of_Day_and_Top_Attack_Types";
            }
#            defaultval = pci-attacks-date-type;
        }
        ATTR OPTION "Report_attack_activity" "Attack_Activity" 2196 {
            multi_opt = 1;
            CHOICES {
                attacks-type == 1 :SET:: "Attacks_by_Top_Attack_Types";
                attacks-url == 2 :SET:: "Attacks_by_Top_URLs";
                attacks-date-type == 4 :SET:: "Attacks_by_Date_and_Top_Attack_Types";
                attacks-month-type == 8 :SET:: "Attacks_by_Month_and_Top_Attack_Types";
                attacks-day-type == 16 :SET:: "Attacks_by_Day_of_Week_and_Top_Attack_Types";
                attacks-hour-type == 32 :SET:: "Attacks_by_Hour_of_Day_and_Top_Attack_Types";
                attacks-type-dev == 64 :SET:: "Attacks_by_Top_Actions_and_Attack_Severity";
                attacks-dst-type == 128 :SET:: "Attacks_by_Attack_Destination_and_Top_Attack_Types";
                attacks-dst-ip == 256 :SET:: "Attacks_by_Attack_Destination_and_Top_Attack_Source_IP";
                attacks-type-ip == 512 :SET:: "Attacks_by_Top_Attack_Types_and_Top_Attack_Source_IP";
                attacks-method-type == 1024 :SET:: "Attacks_by_Http_Methods_and_Top_Attack_Types";
                attacks-cat == 2048 :SET:: "Attacks_By_Category";
                attacks-policy == 4096 :SET:: "Attacks_By_Policy";
                attacks-day == 8192 :SET:: "Attacks_By_Day";
                attacks-ts == 16384 :SET:: "Top_Sources_Of_Attacks";
                attacks-td == 32768 :SET:: "Top_Destinations_of_Attacks";
                attacks-proto == 65536 :SET:: "Top_Attacks_by_Protocol";
                attacks-date-severity == 131072 :SET:: "Attacks_by_Date_and_Top_Attack_Severity";
                attacks-month-severity == 262144 :SET:: "Attacks_by_Month_and_Top_Attack_Severity";
                attacks-day-severity == 524288 :SET:: "Attacks_by_Day_of_Week_and_Top_Attack_Severity";
                attacks-hour-severity == 1048576 :SET:: "Attacks_by_Hour_of_Day_and_Top_Attack_Severity";
                attacks-sessionid == 2097152 :SET:: "Attacks_By_UserID";
            }
#            defaultval = attacks-type;
        }
        ATTR OPTION "Report_traffic_activity" "Traffic_Activity" 2197 {
            multi_opt = 1;
            CHOICES {
                net-pol == 1 :SET:: "Top_Policies";
                net-srv == 2 :SET:: "Top_Services";
                net-src == 4 :SET:: "Top_Sources";
                net-dst == 8 :SET:: "Top_Destinations";
                net-src-dst == 16 :SET:: "Top_Destinations_By_Top_Source";
                net-dst-src == 32 :SET:: "Top_Sources_By_Top_Destination";
                net-date-dst == 64 :SET:: "Top_Destinations_By_Date";
                net-hour-dst == 128 :SET:: "Top_Destinations_By_Hour_of_Day";
                net-day-dst == 256 :SET:: "Top_Destinations_By_Day_of_Week";
                net-month-dst == 512 :SET:: "Top_Destinations_By_Month";
                net-date-src == 1024 :SET:: "Top_Sources_By_Date";
                net-hour-src == 2048 :SET:: "Top_Sources_By_Hour_of_Day";
                net-day-src == 4096 :SET:: "Top_Sources_By_Day_of_Week";
                net-month-src == 8192 :SET:: "Top_Sources_By_Month";
            }
#defaultval = net-pol;
        }
        ATTR OPTION "Report_event_activity" "Event_Activity" 2198 {
            multi_opt = 1;
            CHOICES {
                ev-all == 1 :SET:: "Overall_Events_Triggered";
                ev-all-cat == 2 :SET:: "Overall_Events_Triggered_By_Category";
                ev-all-type == 4 :SET:: "Overall_Events_Triggered_By_Type";
                ev-crit-hour == 8 :SET:: "Critical_Events_Triggered_By_Hour_Of_Day";
                ev-crit-day == 16 :SET:: "Critical_Events_Triggered_By_Date";
                ev-warn-hour == 32 :SET:: "Warning_Events_Triggered_By_Hour_Of_Day";
                ev-warn-day == 64 :SET:: "Warning_Events_Triggered_By_Date";
                ev-info-hour == 128 :SET:: "Informational_Events_Triggered_By_Hour_Of_Day";
                ev-info-day == 256 :SET:: "Informational_Events_Triggered_By_Date";
                ev-emer-hour == 512 :SET:: "Emergency_Events_Triggered_By_Hour_Of_Day";
                ev-emer-day == 1024 :SET:: "Emergency_Events_Triggered_By_Date";
                ev-aler-hour == 2048 :SET:: "Alert_Events_Triggered_By_Hour_Of_Day";
                ev-aler-day == 4096 :SET:: "Alert_Events_Triggered_By_Date";
                ev-err-hour == 8192 :SET:: "Error_Events_Triggered_By_Hour_Of_Day";
                ev-err-day == 16384 :SET:: "Error_Events_Triggered_By_Date";
                ev-noti-hour == 32768 :SET:: "Notification_Events_Triggered_By_Hour_Of_Day";
                ev-noti-day == 65536 :SET:: "Notification_Events_Triggered_By_Date";
                ev-hour == 131072 :SET:: "Events_By_Hour_Of_Day";
                ev-hour-cat == 262144 :SET:: "Hourly_Events_By_Category";
                ev-day == 524288 :SET:: "Events_By_Date";
                ev-day-cat == 1048576 :SET:: "Daily_Events_By_Category";
                ev-stat == 2097152 :SET:: "Events_Status";
                ev-day-login == 4194304 :SET:: "Top_Login_By_Day";
                ev-week-login == 8388608 :SET:: "Top_Login_By_Week";
                ev-user-login == 16777216 :SET:: "Top_Login_By_User";
            }
#            defaultval = ev-all;
        }
        TABLE "queryset_option" "The settings about Query Sets" 2199 {
            TABLENAME STRING "name" "QuerySet\'s Name" 2200 {
                ATTR INT "order" "Specify QuerySet\'s Order in Report" 2201{
                    defaultval = 100;
                }
            }
        }
        TABLE "query_option" "The settings about Querys" 2202 {
            TABLENAME STRING "name" "QuerySet\'s Name" 2203 {
                ATTR INT "order" "Specify Current Query\'s Order in Report" 2204{
                    defaultval = 100;
                }
                ATTR OPTION "Table-Graph" "Specify Current Query\'s Table and Graph in Report" 2205 {
                    CHOICES {
                        all == 0 ::: "Show Table and Graph in Report";
                        table == 1 ::: "Show Table only in Report";
                        graph == 2 ::: "Show Graph only in Report";
                    }
                    defaultval = all;
                }
                ATTR OPTION "include-other" "If keep \"Other\" Field in Graphs" 2206 {
                    CHOICES {
                        disable == 0 ::: "Delete Other Field in Graph";
                        enable == 1 ::: "Keep Other Field in Graph";
                    }
                    defaultval = enable;
                }
            }		
        }
        ATTR STRING "filter_string" "query string of the log filter" 2207 {
            brieflist = 1;
            parseflag = "hidden";
        }
        ATTR OPTION "schedule_type" "schedule type" 2208 {
            CHOICES {
                none == 0 ::: "Not scheduled";
                daily == 1 ::: "Daily";
                days == 2 ::: "Specific days of the week";
                dates == 3 ::: "Specific dates of the month";
            }
            defaultval = none;
            condition = 2186:eq:0;	
        }
        ATTR OPTION "schedule_days" "specify days of the week to run reports" 2209 {
            multi_opt = 1;
            CHOICES {
                sun == 1 : SET:: "Sunday";
                mon == 2 : SET:: "Monday";
                tue == 4 : SET:: "Tuesday";
                wed == 8 : SET:: "Wednesday";
                thu == 16 : SET:: "Thursday";
                fri == 32 : SET:: "Friday";
                sat == 64 : SET:: "Saturday";
            }
            defaultval = sun;
            condition = 2186:eq:0;
            condition = 2208:eq:2;	
        }
        ATTR OPTION "schedule_dates" "specify dates of the month to run reports" 2210 {
            multi_opt = 1;
            CHOICES {
                1 == 1 :SET;
                2 == 2 :SET;
                3 == 4 :SET;
                4 == 8 :SET;
                5 == 16 :SET;
                6 == 32 :SET;
                7 == 64 :SET;
                8 == 128 :SET;
                9 == 256 :SET;
                10 == 512 :SET;
                11 == 1024 :SET;
                12 == 2048 :SET;
                13 == 4096 :SET;
                14 == 8192 :SET;
                15 == 16384 :SET;
                16 == 32768 :SET;
                17 == 65536 :SET;
                18 == 131072 :SET;
                19 == 262144 :SET;
                20 == 524288 :SET;
                21 == 1048576 :SET;
                22 == 2097152 :SET;
                23 == 4194304 :SET;
                24 == 8388608 :SET;
                25 == 16777216 :SET;
                26 == 33554432 :SET;
                27 == 67108864 :SET;
                28 == 134217728 :SET;
                29 == 268435456 :SET;
                30 == 536870912 :SET;
                31 == 1073741824 :SET;
            }
            defaultval = 1;
            condition = 2186:eq:0;
            condition = 2208:eq:3;	
        }
        ATTR USER "schedule_time" "specify time of the day to run reports <hh:mm>" 2211 {
            defaultval = "00:00";
            brieflist = 1;
            condition = 2186:eq:0;
            condition = 2208:eq:1;	
#parseflag = "must";
        }
        ATTR DATASOURCE "output_language" "Set output report language." 2212 {
            brieflist = 1;
            datasource = "210,270";
#defaultval = "Default";
#parseflag = "hidden,must";				
        }
        ATTR OPTION "output_file" "file output formats" 2213 {
            multi_opt = 1;
            CHOICES {
                html == 1 : SET:: "HTML";
                pdf == 2 : SET:: "PDF";
                rtf == 4 : SET:: "MS Word";
                txt == 8 : SET:: "Text";
                mht == 16 : SET:: "MHT";
            }
            defaultval = html;
        }
        ATTR STRING "email_subject" "email output subject" 2214 {
            brieflist = 1;
#parseflag = "must";
            VALIDATE NO_XSS RELAXED;
        }
        ATTR STRING "email_body" "email output body" 2215 {
            brieflist = 1;
#parseflag = "must";
            VALIDATE NO_XSS RELAXED;
        }
        ATTR STRING "email_attachment_name" "email output attachment name" 2216 {
            brieflist = 1;
#parseflag = "must";
            VALIDATE NO_XSS RELAXED;
        }
        ATTR OPTION "email_attachment_compress" "email compressed reports." 2217 {
            CHOICES {
                disable == 0 ::: "Email uncompressed report.";
                enable == 1 ::: "Email compressed report.";
            }
            defaultval = disable;	
        }
        ATTR OPTION "output_email" "email output formats" 2218 {
            multi_opt = 1;
            CHOICES {
                html == 1 : SET:: "HTML";
                pdf == 2 : SET:: "PDF";
                rtf == 4 : SET:: "MS Word";
                txt == 8 : SET:: "Text";
                mht == 16 : SET:: "MHT";
            }
#defaultval = html;
        }
        ATTR DATASOURCE "output_email_policy" "email output policy" 2219 {
            brieflist = 1;
            datasource = "2030";
        }
        TABLE "output_addresses" "email addresses of recipients" 2220 {
            TABLENAME STRING "address" "email to address" 2221 {
                ATTR STRING "email_from" "email from address" 2222 {
                    brieflist = 1;
                    VALIDATE EMAIL_ADDRESS RELAXED;
                }
            }
        }
        ATTR INT "browse_interval_1" "report parameters browse_interval_1 in seconds" 2223 {
            brieflist = 1;
            defaultval = 10;
            parseflag = "hidden";
        }
        ATTR INT "browse_interval_2" "report parameters browse_interval_2 in seconds" 2224 {
            brieflist = 1;
            defaultval = 30;
            parseflag = "hidden";
        }
        ATTR INT "browse_interval_3" "report parameters browse_interval_3 in seconds" 2225 {
            brieflist = 1;
            defaultval = 45;
            parseflag = "hidden";
        }
        ATTR INT "browse_interval_4" "report parameters browse_interval_4 in seconds" 2226 {
            brieflist = 1;
            defaultval = 75;
            parseflag = "hidden";
        }
        ATTR INT "percentage_1" "Percentage chance of constant browsing when consecutive web accesses time between browse_interval_1 and browse_interval_2" 2227 {
            brieflist = 1;
            defaultval = 90;
            parseflag = "hidden";
        }
        ATTR INT "percentage_2" "Percentage chance of constant browsing when consecutive web accesses time between browse_interval_2 and browse_interval_3" 2228 {
            brieflist = 1;
            defaultval = 60;
            parseflag = "hidden";
        }
        ATTR INT "percentage_3" "Percentage chance of constant browsing when consecutive web accesses time between browse_interval_3 and browse_interval_4" 2229 {
            brieflist = 1;
            defaultval = 30;
            parseflag = "hidden";
        }
        ATTR INT "last_page_time" "report parameters : add last_page_time seconds to view last page" 2230 {
            brieflist = 1;
            defaultval = 8;
            parseflag = "hidden";
        }
        ATTR STRING "custom_company" "Company Name" 2231 {
            brieflist = 1;
#parseflag = "must";
            VALIDATE NO_XSS RELAXED;
        }
        ATTR STRING "custom_header" "Header Comment" 2232 {
            brieflist = 1;
#parseflag = "must";
        }
        ATTR OPTION "custom_footer_options" "Footer Option" 2233 {
            CHOICES {
                report-title == 0 ::: "Report Title";
                custom == 1 ::: "Custom";
            }
            defaultval = report-title;
        }
        ATTR STRING "custom_footer" "Footer Comment" 2234 {
            brieflist = 1;
#parseflag = "must";
            condition = 2233:eq:1;
        }
        ATTR STRING "custom_header_logo" "Header Logo" 2235 {
            brieflist = 1;
#parseflag = "must";
            VALIDATE NO_XSS RELAXED;
        }
        ATTR STRING "custom_title_logo" "Title Logo" 2236 {
            brieflist = 1;
#parseflag = "must";
            VALIDATE NO_XSS RELAXED;
        }
    }
}

GLOBAL COMPLEX "system dos-prevention" "system dos prevention" 860 {
	ATTR OPTION_EN "syncookie" "syn cookie" 861 {
	#	parseflag = "must";
	}
	ATTR INT "half-open-threshold" "half-open threshold (10~10000)" 862 {
		VALIDATE RANGE 10:10000;
		defaultval = 8192;
	}
	ATTR OPTION "severity" "severity:High, Medium or Low" 863 {
		CHOICES {
			High == 1 ::: "High";
			Medium == 2 ::: "Medium";
			Low == 3 ::: "Low";
		}
		brieflist = 1;
		defaultval = High;	
	}
	ATTR DATASOURCE "trigger" "trigger" 864 {
		datasource = "2090";
	}
}

GLOBAL TABLE "wvs schedule" "wvs schedule" 9000 {
	TABLENAME STRING "name" "wvs schedule name" 9001 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "schedule type" 9002 {
			CHOICES {
				onetime ==  0;
				recurring == 1;
			}
			defaultval = onetime;
		}
		ATTR USER "date" "time and date" 9003 {
			condition = 9002:eq:0;
			defaultval = "0:0 2001/01/01";
		}
		ATTR USER "time" "configure schedule time" 9004 {
			condition = 9002:eq:1;
			defaultval = "0:0";
#			parseflag = "must";
		}
		ATTR OPTION "wday" "weekday" 9005 {
			multi_opt = 1;
			CHOICES {
				Sunday 	  == 1 : SET:: "update every Sunday";
				Monday	  == 2 : SET:: "update every Monday";
				Tuesday   == 4 : SET:: "update every Tuesday";
				Wednesday == 8 : SET:: "update every Wednesday";
				Thursday  == 16: SET:: "update every Thursday";
				Friday    == 32: SET:: "update every Friday";
				Saturday  == 64: SET:: "update every Saturday";
			}			
			parseflag = "keeporder";
			defaultval = Sunday;
			condition = 9002:eq:1;
		}
	}
}

GLOBAL TABLE "wvs profile" "wvs profile" 9010 {
	TABLENAME STRING "name" "wvs profile name" 9011 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
	}
}

GLOBAL TABLE "wvs policy" "wvs policy" 9110 {
	TABLENAME STRING "name" "wvs policy name" 9111 {
		parseflag = "keeporder";
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "type" "" 9112 {
			CHOICES {
				runonce == 0;
				schedule == 1;
			}
			defaultval = runonce;
		}
		ATTR DATASOURCE "schedule" "schedule " 9113 {
			datasource = "9000";
			condition = 9112:eq:1;
		}
		ATTR OPTION "report_format" "report format " 9114 {
			CHOICES {
				html == 1 : SET;
				mht == 2 : SET;
				pdf == 4 : SET;
				rtf == 8 : SET;
				text == 16 : SET;
			}	
			defaultval = html;
			multi_opt = 1;
                        brieflist = 1;
		}
		ATTR DATASOURCE "profile" "profile" 9115 {
			datasource = "9010";
		}
		ATTR DATASOURCE "email" "email " 9116 {
			datasource = "2030";
		}
		ATTR INT "runtime" "run time" 9117 {
			
		}
	}
}

DOMAIN TABLE "server-policy policy" "server policy" 4300 {
	TABLENAME STRING "name" "policy name" 4301 {
		VALIDATE NO_XSS RELAXED;
		brieflist = 1;
		ATTR OPTION "deployment-mode" "deployment mode" 4303 {
			CHOICES {
				single-server == 1 ::: "single server";
				server-balance == 2 ::: "server balance";
				offline-protection == 6 ::: "offline protection";
				transparent-servers == 7 ::: "transparent servers";
				http-content-routing == 3 ::: "HTTP content routing";
			}
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR OPTION "lb-algo" "load balancing algo" 4304 {
			CHOICES {
				round-robin == 1 ::: "round robin";
				weighted-round-robin == 2 ::: "weighted round robin";
				least-connections == 3 ::: "least connections";
				http-session-based-round-robin == 4 ::: "HTTP session based round robin";
			}
			parseflag = "keeporder";
			condition = 4303:eq:2;
			brieflist = 1;
		}
		ATTR DATASOURCE "vserver" "vserver" 4305 {
			condition = 491:eq:2; 
			datasource = "4050";
			parseflag = "must,keeporder";
			brieflist = 1;
		}
		ATTR DATASOURCE "v-zone" "v-zone" 4306 {
			datasource = "600";
			parseflag = "must,keeporder";
			brieflist = 1;
			condition = 491:eq:1;
			condition = 491:eq:8;
		}
		ATTR DATASOURCE "service" "service" 4307 {
			condition = 491:eq:2; 
			datasource = "4030, 4040";
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR DATASOURCE "web-protection-profile" "web application protection profile" 4309 {
			datasource = "6240,6340";
			parseflag = "must,keeporder";
			brieflist = 1;
		}
		ATTR DATASOURCE "waf-autolearning-profile" "web application protection auto learning profile" 4310 {
			datasource = "6440";
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR DATASOURCE "health" "server health check" 4311 {
			condition = 4303:ne:5;
			datasource = "4000";
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR OPTION "server-type" "server-type: physical or domain" 4312 {
			CHOICES {
				physical == 1 ::: "physical server";
				domain == 2 ::: "domain server";
			}
			defaultval = physical;
			condition = 4303:eq:1;
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR DATASOURCE "pserver" "physical server" 4313 {
			datasource = "4010";
			parseflag = "keeporder";
			brieflist = 1;
			condition = 4303:EQ:1;
			condition = 4312:EQ:1;
		}
		ATTR DATASOURCE "dserver" "domain server" 4314 {
			datasource = "4020";
			parseflag = "keeporder";
			brieflist = 1;
			condition = 4303:EQ:1;
			condition = 4312:EQ:2;
		}
		ATTR INT "pserver-port" "physical server HTTP port" 4315 {
			VALIDATE RANGE 1:65535;
			parseflag = "keeporder";
			brieflist = 1;
			defaultval = 80;
			condition = 4303:eq:1;
		}
		ATTR INT "pserver-sport" "physical server HTTPS port" 4316 {
			VALIDATE RANGE 1:65535;
			parseflag = "keeporder";
			brieflist = 1;
			defaultval = 443;
			condition = 4303:eq:1;
		}
		ATTR DATASOURCE "pservers" "phisical server farm" 4317 {
			condition = 4303:ne:1;
			datasource = "4200";
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR DATASOURCE "allow-hosts" "allow hosts" 4318 {
			datasource = "4140";
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR INT "persistence-timeout" "persistence timeout" 4319 {
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR INT "persistent-server-sessions" "max persistent server sessions" 4320 {
			defaultval = @{all=1000;FWB_1000C=3000;FWB_3000C=10000;FWB_4000C=20000;FWB_3000D=50000;FWB_3000DFSX=50000;FWB_4000D=50000};
			parseflag = "keeporder";
			brieflist = 1;
		}
		ATTR OPTION_EN "ssl-server" "server SSL support: enable/disable" 4321 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR DATASOURCE "https-service" "https service" 4322 {
			condition = 491:eq:2;
			datasource = "4030,4040";
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR DATASOURCE "certificate" "certificate" 4323 {
			condition = 491:eq:2;
			datasource = "870";
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR DATASOURCE "intermediate-certificate-group" "Intermediate Certificate Group" 4324 {
			condition = 491:eq:2;
			datasource = "920";
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR DATASOURCE "ssl-client-verify" "SSL client certificate verify" 4325 {
			condition = 491:eq:2;
			datasource = "940";
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR OPTION_EN "case-sensitive" "case sensitive" 4326 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR OPTION_EN "server-connection-pool" "" 4327 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR OPTION_EN "status" "status: enable/disable" 4328 {
			defaultval = enable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR STRING "comment" "comment" 4329 {
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR INT "flag-operation" "operations" 4330 {
			parseflag = "hidden,keeporder";
                        brieflist = 1;
		}
		ATTR INT "flag-cookie" "cookie operation" 4331 {
			parseflag = "hidden,keeporder";
                        brieflist = 1;
		}
		ATTR DATASOURCE "block-port" "block port" 4332 {
			condition = 491:eq:4;
			datasource = "440";
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR OPTION_EN "noparse" "Enable pure proxy or not: enable/disable" 4333 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR DATASOURCE "data-capture-port" "Data capture port" 4334 {
			condition = 491:eq:4;
			datasource = "440";
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR OPTION_EN "monitor-mode" "Monitor mode: enable/disable" 4335 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR OPTION_EN "syncookie" "syn cookie: enable/disable" 4336 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR INT "half-open-threshold" "half-open threshold (10~10000)" 4337 {
			VALIDATE RANGE 10:10000;
			defaultval = 8192;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR DATASOURCE "error-page" "error page" 4338 {
			datasource = "4070";
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR OPTION_EN "client-certificate-forwarding" "client certificate forwarding: enable/disable" 4339 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
		}
		ATTR STRING "error-msg" "error message" 4341 {
#			defaultval = "The page cannot be displayed. Please contact the administrator for additional information.";
#			VALIDATE NO_XSS RELAXED;
			parseflag = "keeporder";
                        brieflist = 1;
			condition = 4338:eq:0;
		}
		ATTR INT "error-page-code" "error page return code" 4342 {
			defaultval = 500;
			brieflist = 1;
			VALIDATE RANGE 1:600;
			condition = 4338:eq:0;
		}
		ATTR OPTION_EN "http-pipeline" "HTTP pipeline support: enable/disable" 4343 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
			condition = 491:eq:1;
			condition = 491:eq:2;
		}
		ATTR OPTION_EN "hsts-header" "hsts header support" 4344 {
			defaultval = disable;
			parseflag = "keeporder";
                        brieflist = 1;
                      condition = 491:eq:2;
		}
		ATTR INT "hsts-max-age" "max age value(unit: second, 1 hour-1 year)" 4345 {
			VALIDATE RANGE 3600:31536000;
			defaultval = 7776000;
		}
	}
}
