Claude 1

2025-12-09 09:33:48 -06:00
parent 228174e541
commit 4f1e8d3add
55 changed files with 4345 additions and 0 deletions
--- a/sophos-xgs-ansible/tests/sample_config/fw-sample1.yml
+++ b/sophos-xgs-ansible/tests/sample_config/fw-sample1.yml
@@ -0,0 +1,100 @@
+---
+# ============================================================================
+# Sample Firewall Configuration 1
+# ============================================================================
+# This is a complete example configuration for testing and reference.
+# All IPs, domains, and credentials are FAKE and for demonstration only.
+# ============================================================================
+
+sophos_mgmt_host: "192.168.100.1"
+sophos_api_username: "admin"
+sophos_api_password: "SampleP@ssw0rd123"
+
+sophos_hostname: "fw-sample1"
+sophos_location: "sample-datacenter"
+
+# Interfaces
+sophos_interfaces:
+  - name: "Port1"
+    zone: "WAN"
+    description: "Internet connection"
+    mode: "static"
+    ip_address: "203.0.113.100"
+    netmask: "255.255.255.248"
+    gateway: "203.0.113.97"
+    enabled: true
+
+  - name: "Port2"
+    zone: "LAN"
+    description: "Internal network"
+    mode: "static"
+    ip_address: "10.100.0.1"
+    netmask: "255.255.255.0"
+    enabled: true
+
+# VLANs
+sophos_vlans:
+  - name: "VLAN10-Servers"
+    vlan_id: 10
+    parent_interface: "Port2"
+    zone: "LAN"
+    ip_address: "10.100.10.1"
+    netmask: "255.255.255.0"
+    enabled: true
+
+# DHCP
+sophos_dhcp_servers:
+  - name: "DHCP-LAN"
+    interface: "Port2"
+    enabled: true
+    start_ip: "10.100.0.100"
+    end_ip: "10.100.0.200"
+    netmask: "255.255.255.0"
+    gateway: "10.100.0.1"
+    dns_servers: ["8.8.8.8", "8.8.4.4"]
+    lease_time: 86400
+
+# Firewall Rules
+sophos_firewall_rules:
+  - name: "Allow-LAN-to-Internet"
+    source_zones: ["LAN"]
+    dest_zones: ["WAN"]
+    source_networks: ["any"]
+    dest_networks: ["any"]
+    services: ["HTTP", "HTTPS", "DNS"]
+    action: "accept"
+    log: false
+    enabled: true
+
+# Site-to-Site VPN
+sophos_site_to_site_vpns:
+  - name: "Sample-VPN"
+    enabled: true
+    local_gateway: "203.0.113.100"
+    local_networks: ["10.100.0.0/16"]
+    remote_gateway: "203.0.113.200"
+    remote_networks: ["10.200.0.0/16"]
+    psk: "SamplePSK123"
+    description: "Sample VPN tunnel"
+
+# SNMP
+sophos_snmp:
+  enabled: true
+  version: "v2c"
+  community: "sample"
+  location: "Sample Location"
+  contact: "admin@example.com"
+
+# Logging
+sophos_logging:
+  enabled: true
+  syslog_servers:
+    - host: "10.100.0.50"
+      port: 514
+      protocol: "udp"
+
+# NTP
+sophos_ntp:
+  servers:
+    - "0.pool.ntp.org"
+  timezone: "UTC"