oav/tmp/other2.txt

version 7.1R2.2;
groups {
    re0 {
        system {
            host-name fhr1.lo6-re0;
        }
        interfaces {
            fxp0 {
                disable;
                unit 0 {
                    family inet;
                }
            }
        }
    }
    re1 {
        system {
            host-name fhr1.lo6-re1;
        }
        interfaces {
            fxp0 {
                disable;
                unit 0 {
                    family inet;
                }
            }
        }
    }
}
apply-groups [ re0 re1 ];
system {
    domain-name savvis.net;
    time-zone America/New_York;
    default-address-selection;
    dump-on-panic;
    authentication-order radius;
    name-server {
        204.71.36.9;
        204.70.127.127;
    }
    radius-server {
        167.215.232.32 {
            secret "$9$F4r/36CAp0hSe69IcylW8";
            timeout 5;
            retry 1;
        }
        216.90.89.135 {
            secret "$9$f5Q3n/CBIcQFu1Rhle";
            timeout 5;
            retry 1;
        }
    }
    login {
        class all {
            idle-timeout 15;
            permissions all;
        }
        class read-access {
            idle-timeout 15;
            permissions [ interface network routing snmp system trace view firewall ];
            deny-commands "set|request|test|file|clear";
        }
        class scc {
            idle-timeout 15;
            permissions [ clear configure interface interface-control network reset routing routing-control snmp system trace view firewall rollback view-configuration ];
            allow-configuration interfaces;
        }
        class scc_access {
            idle-timeout 15;
            permissions [ configure interface network routing snmp system trace view ];
        }
        user FULL {
            uid 3004;
            class all;
        }
        user READ {
            uid 2000;
            class read-access;
        }
        user SCC {
            uid 4000;
            class scc;
        }
        user autojuco {
            uid 2017;
            class all;
            authentication {
                ssh-rsa "1024 35 117368654974780910785804472328190496433755973300803053423299024175036242435747627812505529688000436949785484981772284116245736038093657503993364805140242824490573695257301456102356172165176328625890867569328219292100315044847195987067474021662846314660195892724192964475644563644853660336695620996491872426299 autojuco- 8/25/2004";
                ssh-rsa "1024 35 117368654974780910785804472328190496433755973300803053423299024175036242435747627812505529688000436949785484981772284116245736038093657503993364805140242824490573695257301456102356172165176328625890867569328219292100315044847195987067474021662846314660195892724192964475644563644853660336695620996491872426299 autojuco - 8/25/2004";
            }
        }
    }
    static-host-mapping {
        fhr1.lo6 sysid 02aa.ce18.ac40;
        fhr2.lo6 sysid 02aa.ce18.ac60;
    }
    services {
        ssh {
            connection-limit 16;
            rate-limit 10;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        host 204.71.36.44 {
            any notice;
            authorization info;
            daemon info;
            kernel info;
            interactive-commands any;
        }
        host 204.71.36.45 {
            any notice;
            authorization info;
            daemon info;
            kernel info;
            interactive-commands any;
        }
        host 204.70.133.240 {
            any notice;
            authorization info;
            daemon info;
            kernel info;
            interactive-commands any;
        }
        host 212.124.244.48 {
            any notice;
            authorization any;
            cron any;
            daemon any;
            kernel any;
            user any;
            firewall any;
        }
        host 216.90.89.68 {
            any notice;
            authorization info;
            daemon info;
            kernel info;
            interactive-commands any;
        }
        file messages {
            any notice;
            authorization info;
            daemon info;
            kernel info;
        }
        file ACL10-firewall {
            firewall any;
        }
        file cli_logs {
            interactive-commands any;
        }
    }
    processes {
        snmp enable;
    }
    ntp {
        server 204.70.128.1;
        server 204.70.57.242;
    }
}
chassis {
    no-source-route;
    dump-on-panic;
    redundancy {
        routing-engine 0 backup;
        routing-engine 1 master;
    }
    aggregated-devices {
        sonet {
            device-count 1;
        }
    }
}
interfaces {
    ge-0/0/0 {
        description "G/E DataCenter trunk to uklond6-001.exalp-e:3.3";
        vlan-tagging;
        link-mode full-duplex;
        gigether-options {
            flow-control;
        }
        unit 3 {
            description "Mgt LAN - uklond6-001.exalp-a:8.7";
            vlan-id 3;
            family inet {
                accounting {
                    destination-class-usage;
                }
                address 10.49.235.4/26;
            }
        }
        unit 8 {
            description "Public LAN to uklond6_001.exalp-e:8.1";
            vlan-id 8;
            family inet {
                accounting {
                    destination-class-usage;
                }
                address 213.174.192.177/29;
            }
        }
        unit 27 {
            description "Internet Transit VLAN to Inkra";
            vlan-id 27;
            family inet {
                accounting {
                    destination-class-usage;
                }
                filter {
                    output deny-non-routable;
                }
                address 213.174.206.3/23 {
                    vrrp-group 254 {
                        virtual-address 213.174.206.1;
                        priority 254;
                    }
                    vrrp-group 255 {
                        virtual-address 213.174.206.2;
                        priority 100;
                    }
                }
            }
        }
        unit 901 {
            description "VPN Public Interface";
            vlan-id 901;
            family inet {
                accounting {
                    destination-class-usage;
                }
                filter {
                    output ACL109;
                }
                address 213.174.194.2/26 {
                    vrrp-group 109 {
                        virtual-address 213.174.194.1;
                        priority 101;
                    }
                }
            }
        }
        unit 912 {
            description "The Carlyle Group s254723 bgp1";
            vlan-id 912;
            family inet {
                accounting {
                    destination-class-usage;
                }
                address 165.193.172.73/30;
            }
        }
        unit 961 {
            description "Zynap Pro Co-Lo";
            vlan-id 961;
            family inet {
                accounting {
                    destination-class-usage;
                }
                filter {
                    input IDS-ZYNAPCOLO-TO-NET-ANTI-SPOOF;
                    output NET-TO-IDS-ZYNAPCOLO-ANTI-SPOOF;
                }
                address 213.174.199.210/29 {
                    vrrp-group 161 {
                        virtual-address 213.174.199.209;
                        priority 251;
                    }
                }
            }
        }
        unit 969 {
            description "B&Q Co-Lo";
            vlan-id 969;
            family inet {
                accounting {
                    destination-class-usage;
                }
                filter {
                    input IDS-BANDQCOLO-TO-NET-ANTI-SPOOF;
                }
                address 10.83.54.162/29 {
                    vrrp-group 169 {
                        virtual-address 10.83.54.161;
                        priority 251;
                    }
                }
            }
        }
        unit 972 {
            description "iNext Co-Lo";
            vlan-id 972;
            family inet {
                accounting {
                    destination-class-usage;
                }
                filter {
                    input IDS-INEXTCOLO-TO-NET-ANTI-SPOOF;
                    output NET-TO-IDS-INEXTCOLO-ANTI-SPOOF;
                }
                address 213.174.199.114/29 {
                    vrrp-group 72 {
                        virtual-address 213.174.199.113;
                        priority 101;
                    }
                }
            }
        }
        unit 978 {
            description "Inchcape Co-Lo First POD";
            vlan-id 978;
            family inet {
                accounting {
                    destination-class-usage;
                }
                filter {
                    input IDS-INCHCAPECOLO-TO-NET-ANTI-SPOOF;
                    output NET-TO-IDS-INCHCAPECOLO-ANTI-SPOOF;
                }
                address 213.174.203.2/26 {
                    vrrp-group 72 {
                        virtual-address 213.174.203.1;
                        priority 101;
                    }
                }
            }
        }
    }
    at-0/1/0 {
        description "Future OC12 ATM for customer access via 550 - test rancid";
        disable;
        clocking internal;
        encapsulation atm-pvc;
        sonet-options {
            payload-scrambler;
        }
        atm-options {
            vpi 1 {
                maximum-vcs 512;
            }
            vpi 2 {
                maximum-vcs 512;
            }
        }
    }
    so-0/3/0 {
        description "OC12 to SCR2.Lond6:so-0/3/0 part1 of as0";
        sonet-options {
            rfc-2615;
            aggregate as0;
        }
    }
    at-1/1/0 {
        description "OC12 atm to 550  uklond6.ag:3.9";
        mtu 4482;
        clocking internal;
        encapsulation atm-pvc;
        sonet-options {
            payload-scrambler;
        }
        atm-options {
            vpi 1 {
                maximum-vcs 256;
            }
            vpi 2 {
                maximum-vcs 256;
            }
            vpi 8 {
                maximum-vcs 1024;
            }
        }
        unit 105 {
            description "Test Hybrid - VLAN822";
            encapsulation atm-snap;
            vci 1.105;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.65/30;
            }
        }
        unit 106 {
            description "Fish4 Production - VLAN823";
            encapsulation atm-snap;
            vci 1.106;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.81/30;
            }
        }
        unit 107 {
            description "Axon Production - VLAN872";
            encapsulation atm-snap;
            vci 1.107;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.33/30;
            }
        }
        unit 108 {
            description "Medtronic - VLAN893";
            encapsulation atm-snap;
            vci 1.108;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.93/30;
            }
        }
        unit 109 {
            description "Screwfix Production - VLAN879";
            encapsulation atm-snap;
            vci 1.109;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.161/30;
            }
        }
        unit 110 {
            description "Screwfix DR - VLAN332";
            encapsulation atm-snap;
            vci 1.110;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.169/30;
            }
        }
        unit 111 {
            description "Easybroker Production - VLAN869";
            encapsulation atm-snap;
            vci 1.111;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.177/30;
            }
        }
        unit 112 {
            description "Easybroker Test - VLAN868";
            encapsulation atm-snap;
            vci 1.112;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.201/30;
            }
        }
        unit 113 {
            description "LME_WEB - VLAN864";
            encapsulation atm-snap;
            vci 1.113;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.89/30;
            }
        }
        unit 114 {
            description "LME_CORP - VLAN866";
            encapsulation atm-snap;
            vci 1.114;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.213/30;
            }
        }
        unit 115 {
            description "LMUK Production - VLAN877";
            encapsulation atm-snap;
            vci 1.115;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.217/30;
            }
        }
        unit 116 {
            description "LMUK Development - VLAN333";
            encapsulation atm-snap;
            vci 1.116;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.233/30;
            }
        }
        unit 117 {
            description "Reception Room - VLAN990";
            encapsulation atm-snap;
            vci 1.117;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.189/30;
            }
        }
        unit 118 {
            description "Gaming Boarse Production - VLAN853";
            encapsulation atm-snap;
            vci 1.118;
            oam-period 3;
            oam-liveness {
                up-count 3;
                down-count 3;
            }
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 1500;
                address 213.174.193.129/30;
            }
        }
        unit 710 {
            description "DRAIN for uklond6_01.bsn-a:cntx04";
            encapsulation atm-snap;
            point-to-point;
            vci 8.710;
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 4470;
                filter {
                    input uklond6_01_cntx04_ingress;
                    output uklond6_01_cntx04_egress;
                }
                address 206.24.172.81/30;
            }
        }
        unit 711 {
            description "DRAIN for uklond6_01.bsn-a:cntx11";
            encapsulation atm-snap;
            point-to-point;
            vci 8.711;
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 4470;
                address 206.24.172.129/30;
            }
        }
        unit 713 {
            description "DRAIN for uklond6_01.bsn-a:cntx13";
            encapsulation atm-snap;
            point-to-point;
            vci 8.713;
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 4470;
                address 206.24.172.133/30;
            }
        }
        unit 714 {
            description "DRAIN for uklond6_01.bsn-a:cntx14";
            encapsulation atm-snap;
            point-to-point;
            vci 8.714;
            family inet {
                accounting {
                    destination-class-usage;
                }
                mtu 4470;
                address 206.24.172.137/30;
            }
        }
        unit 920 {
            description "fhr1.lo6 to kar1.nyr at-0/3/0.920";
            encapsulation atm-snap;
            point-to-point;
            vci 8.920;
            family inet {
                address 204.70.145.2/30;
            }
        }
        unit 930 {
            description "fhr1.lo6 to kar2.nyr at-0/3/0.930";
            encapsulation atm-snap;
            point-to-point;
            vci 8.930;
            family inet {
                address 204.70.148.6/30;
            }
        }
        unit 940 {
            description "To dcr1.frx at-2/0/0.940";
            encapsulation atm-snap;
            point-to-point;
            vci 8.940;
            family inet {
                address 204.70.192.229/30;
            }
        }
        unit 950 {
            description "fhr1.lo6 to acr2.frx at-2/0/0.950";
            encapsulation atm-snap;
            point-to-point;
            vci 8.950;
            family inet {
                address 204.70.192.233/30;
            }
            family iso;
            family mpls;
        }
        unit 960 {
            description "fhr1.lo6 to bcr1.lnx at-3/1/0:960";
            encapsulation atm-snap;
            point-to-point;
            vci 8.960;
            family inet {
                address 206.24.172.69/30;
            }
            family iso;
            family mpls;
        }
        unit 970 {
            description "fhr1.lo6 to bcr2.lnx at-3/1/0:970";
            encapsulation atm-snap;
            point-to-point;
            vci 8.970;
            family inet {
                address 206.24.172.73/30;
            }
            family iso;
            family mpls;
        }
    }
    so-1/3/0 {
        description "OC12 to SCR2.Lond6:so-1/3/0 part2 of as0";
        sonet-options {
            rfc-2615;
            aggregate as0;
        }
    }
    as0 {
        description "Bonded OC12 to SCR2.Lond6:as0";
        aggregated-sonet-options {
            link-speed oc12;
        }
        unit 0 {
            family inet {
                address 206.24.172.77/30;
            }
            family iso;
            family mpls;
        }
    }
    dsc {
        unit 0 {
            family inet {
                address 206.24.194.50/32 {
                    destination 206.24.194.51;
                }
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                primary;
                filter {
                    input ACL10;
                }
                address 206.24.172.64/32 {
                    primary;
                    preferred;
                }
                address 208.174.15.156/32;
            }
            family iso {
                address 47.0005.80ff.e200.000a.0000.3200.02aa.ce18.ac40.00;
            }
        }
    }
}
snmp {
    description for-snmp;
    community marzbar {
        authorization read-only;
        clients {
            209.83.194.0/24;
        }
    }
    community mvJuwJIkTJcPel2z {
        authorization read-only;
    }
}
accounting-options {
    file ddos2 {
        files 10;
    }
    file ddos3 {
        files 10;
    }
    class-usage-profile ddos2 {
        file ddos2;
        interval 1;
        destination-classes {
            dos-victim2;
        }
    }
    class-usage-profile ddos3 {
        file ddos3;
        interval 1;
        destination-classes {
            dos-victim3;
        }
    }
}
routing-options {
    interface-routes {
        rib-group inet ifrg;
    }
    static {
        route 213.174.195.80/28 {
            qualified-next-hop at-1/1/0.108 {
                preference 230;
            }
        }
        route 213.174.196.128/28 {
            qualified-next-hop at-1/1/0.110 {
                preference 230;
            }
        }
        route 213.174.196.192/28 {
            qualified-next-hop at-1/1/0.105 {
                preference 230;
            }
        }
        route 213.174.197.208/28 {
            qualified-next-hop at-1/1/0.112 {
                preference 230;
            }
        }
        route 213.174.200.96/28 {
            qualified-next-hop at-1/1/0.117 {
                preference 230;
            }
        }
        route 213.174.201.0/28 {
            qualified-next-hop at-1/1/0.113 {
                preference 230;
            }
        }
        route 213.174.201.32/32 {
            qualified-next-hop at-1/1/0.114 {
                preference 230;
            }
        }
        route 213.174.201.64/32 {
            qualified-next-hop at-1/1/0.107 {
                preference 230;
            }
        }
        route 213.174.192.0/25 next-hop 213.174.206.233;
        route 213.174.192.208/29 next-hop 213.174.206.9;
        route 213.174.192.216/29 next-hop 213.174.206.9;
        route 213.174.193.0/28 next-hop 213.174.207.105;
        route 213.174.195.0/26 next-hop 213.174.206.25;
        route 213.174.195.112/28 next-hop 213.174.206.249;
        route 213.174.195.128/28 next-hop 213.174.206.113;
        route 213.174.195.176/28 next-hop 213.174.206.97;
        route 213.174.195.224/28 next-hop 213.174.206.81;
        route 213.174.196.0/28 next-hop 213.174.206.169;
        route 213.174.196.16/28 next-hop 213.174.206.105;
        route 213.174.196.32/28 next-hop 213.174.206.241;
        route 213.174.196.64/28 next-hop 213.174.206.121;
        route 213.174.196.160/28 next-hop 213.174.206.241;
        route 213.174.196.176/28 next-hop 213.174.207.49;
        route 213.174.196.224/29 next-hop 213.174.206.137;
        route 213.174.196.240/28 next-hop 213.174.207.113;
        route 213.174.198.0/27 next-hop 213.174.207.57;
        route 213.174.198.32/27 next-hop 213.174.207.73;
        route 213.174.198.64/27 next-hop 213.174.207.89;
        route 213.174.198.192/29 next-hop 213.174.206.185;
        route 213.174.198.208/28 next-hop 213.174.206.65;
        route 213.174.198.240/29 next-hop 213.174.207.1;
        route 213.174.199.0/27 next-hop 213.174.206.211;
        route 213.174.199.64/27 next-hop 213.174.207.17;
        route 213.174.199.96/28 next-hop 213.174.206.201;
        route 213.174.199.128/29 next-hop 213.174.206.33;
        route 213.174.199.144/29 next-hop 213.174.206.177;
        route 213.174.199.160/27 next-hop 213.174.206.161;
        route 213.174.200.0/28 next-hop 213.174.206.145;
        route 213.174.200.80/28 next-hop 213.174.206.17;
        route 213.174.200.128/29 next-hop 213.174.206.217;
        route 213.174.200.144/28 next-hop 213.174.207.33;
        route 213.174.200.192/27 next-hop 213.174.207.9;
        route 213.174.201.96/28 next-hop 213.174.207.129;
        route 213.174.201.128/25 next-hop 213.174.206.233;
        route 213.174.202.160/27 next-hop 213.174.206.241;
        route 213.174.205.0/24 next-hop 213.174.207.41;
        route 213.174.207.116/32 next-hop 213.174.207.113;
        route 213.174.198.128/27 next-hop 213.174.199.118;
        route 213.174.199.224/27 next-hop 213.174.199.118;
        route 213.174.195.64/29 next-hop 10.83.54.166;
        route 213.174.202.128/27 next-hop 10.83.54.166;
        route 213.174.197.176/28 next-hop at-1/1/0.111;
        route 213.174.200.32/28 next-hop at-1/1/0.109;
        route 213.174.202.0/25 next-hop at-1/1/0.106;
        route 213.174.196.96/28 next-hop 213.174.207.137;
        route 213.174.195.72/29 next-hop 213.174.206.73;
        route 213.174.192.144/28 next-hop 213.174.207.81;
        route 213.174.200.224/28 next-hop 213.174.207.153;
        route 213.174.203.192/28 next-hop 213.174.207.178;
        route 213.174.202.192/27 {
            qualified-next-hop at-1/1/0.115 {
                preference 230;
            }
        }
        route 213.174.202.224/28 {
            qualified-next-hop at-1/1/0.115 {
                preference 230;
            }
        }
        route 213.174.197.128/27 {
            qualified-next-hop at-1/1/0.115 {
                preference 230;
            }
        }
        route 213.174.198.160/28 next-hop 213.174.207.161;
        route 213.174.203.224/27 next-hop 213.174.207.185;
        route 213.174.198.184/29 next-hop 213.174.207.169;
        route 213.174.203.160/28 next-hop 213.174.207.201;
        route 213.174.203.144/29 next-hop 213.174.207.209;
        route 213.174.196.232/29 next-hop 213.174.207.193;
        route 213.174.197.224/28 next-hop 213.174.207.217;
        route 213.174.192.128/29 next-hop 213.174.207.225;
        route 213.174.203.208/29 next-hop 213.174.207.233;
        route 213.174.197.240/28 next-hop 213.174.207.249;
        route 213.174.203.216/29 next-hop 213.174.207.241;
        route 213.174.196.112/28 next-hop 213.174.206.13;
        route 213.174.198.176/29 next-hop 213.174.206.21;
        route 213.174.198.251/32 next-hop 213.174.206.53;
        route 213.174.197.0/25 next-hop 213.174.206.69;
        route 212.117.224.192/26 next-hop 213.174.206.61;
        route 213.174.198.250/32 next-hop 213.174.206.37;
        route 213.174.198.252/32 next-hop 213.174.206.77;
        route 213.174.198.253/32 next-hop 213.174.206.109;
        route 212.124.227.48/28 next-hop 213.174.206.93;
        route 82.118.66.0/24 next-hop 213.174.206.125;
        route 82.118.67.0/24 next-hop 213.174.206.133;
        route 82.118.65.112/28 next-hop 213.174.206.141;
        route 213.174.199.48/29 next-hop 213.174.207.65;
        route 82.118.65.192/26 next-hop 213.174.206.173;
        route 82.118.71.0/27 next-hop 213.174.206.117;
        route 82.118.95.96/27 next-hop 213.174.206.149;
        route 213.174.201.112/28 next-hop 213.174.207.145;
        route 212.124.251.176/28 next-hop 213.174.206.165;
        route 213.174.200.16/28 next-hop 213.174.206.45;
        route 212.124.226.88/29 next-hop 213.174.206.157;
        route 82.118.71.64/26 next-hop 213.174.206.157;
        route 213.174.198.192/28 next-hop 213.174.206.185;
        route 206.24.172.144/28 next-hop 213.174.206.9;
        route 82.118.70.0/24 next-hop 213.174.206.181;
        route 212.124.251.160/28 next-hop at-1/1/0.108;
        route 82.118.65.96/29 next-hop 213.174.206.181;
        route 212.124.252.112/28 next-hop 213.174.206.101;
        route 206.24.172.192/26 next-hop 213.174.207.9;
        route 212.124.253.32/28 next-hop 213.174.206.189;
        route 212.124.227.160/27 next-hop 213.174.206.197;
        route 212.124.239.192/27 next-hop 213.174.207.217;
        route 212.117.224.112/28 next-hop 213.174.206.205;
        route 212.124.240.0/28 next-hop 213.174.206.213;
        route 216.219.74.0/23 next-hop 213.174.206.221;
        route 0.0.0.0/0 {
            discard;
            no-install;
        }
        route 212.124.240.176/28 next-hop 213.174.206.229;
        route 212.124.236.32/29 next-hop 213.174.206.237;
        route 212.124.224.64/28 next-hop 213.174.206.197;
        route 212.124.241.208/28 next-hop 213.174.206.245;
        route 213.174.193.128/27 next-hop at-1/1/0.109;
        route 212.124.241.240/28 next-hop 213.174.207.5;
        route 213.174.192.0/19 reject;
    }
    rib-groups {
        mcrg {
            export-rib inet.2;
            import-rib inet.2;
        }
        ifrg {
            import-rib [ inet.0 inet.2 ];
        }
        mcast-rpf-rib {
            import-rib inet.2;
        }
        ios-isis-routes {
            import-rib [ inet.0 inet.2 ];
            import-policy isis-tag;
        }
        static-rg {
            import-rib [ inet.0 inet.2 ];
            import-policy deny-default;
        }
    }
    router-id 206.24.172.64;
    autonomous-system 3561;
    forwarding-table {
        export [ per-flow-load-balancing ddostracking2 ddostracking3 ];
    }
}
protocols {
    rsvp {
        traceoptions {
            file rsvp-log size 1m files 10;
            flag error;
            flag state;
        }
        interface all;
    }
    mpls {
        statistics {
            file mpls-stat;
            interval 160;
        }
        log-updown {
            syslog;
            trap;
        }
        traceoptions {
            file mpls-log size 1m files 10;
            flag state;
            flag error;
        }
        interface all;
    }
    bgp {
        traceoptions {
            file bgp size 1m files 5;
            flag state send receive detail;
            flag open send receive detail;
        }
        hold-time 180;
        log-updown;
        damping;
        group internal {
            type internal;
            family inet {
                unicast;
                multicast;
            }
            authentication-key "$9$nOLcCpOEcyv8xSysgoaUD3n/90B";
            export [ next-hop-self announce-local ];
            peer-as 3561;
            neighbor 206.24.168.27 {
                description bcr1.lnx;
            }
            neighbor 206.24.168.28 {
                description bcr2.lnx;
            }
            neighbor 206.24.168.1 {
                description dar1.lnx;
            }
            neighbor 206.24.168.2 {
                description iar1.lnx;
            }
            neighbor 206.24.172.96 {
                description fhr2.lo6;
                export [ next-hop-self announce-local redistribute-direct ];
            }
            neighbor 204.70.145.1 {
                description kar1.nyr:at-0/3/0.920;
                local-address 204.70.145.2;
            }
            neighbor 204.70.148.5 {
                description kar2.nyr:at-0/3/0.930;
                local-address 204.70.148.6;
            }
        }
        group AS65530 {
            type external;
            description "The Carlyle Group";
            multihop {
                ttl 1;
            }
            import [ AS65530-DDoS cisco-damping filter-multihomed-customer color-external-neighbor set-customer-private-ASN-local-pref AS65530 ];
            export [ default-originate deny-all ];
            remove-private;
            peer-as 65530;
            neighbor 165.193.172.74;
        }
        group shasta {
            type external;
            description "multiple context on Nortel Shasta";
            import [ color-external-neighbor set-comm-shasta prefix-shasta ];
            authentication-key "$9$cVvSrv2gJHqfgo39puEhVwYg4ZjHmP5F";
            export [ default-originate deny-all ];
            remove-private;
            neighbor 206.24.172.82 {
                description uklond1_01.bsn-a:cntx04;
                peer-as 65090;
            }
            neighbor 206.24.172.130 {
                description uklond1_01.bsn-a:cntx11;
                peer-as 65091;
            }
            neighbor 206.24.172.134 {
                description uklond1_01.bsn-a:cntx13;
                peer-as 65093;
            }
            neighbor 206.24.172.138 {
                description uklond1_01.bsn-a:cntx14;
                peer-as 65094;
            }
        }
    }
    isis {
        traceoptions {
            file log-adjacency-changes size 1m files 10;
            flag error;
            flag normal;
            flag state;
        }
        lsp-lifetime 65535;
        multicast-topology;
        level 1 wide-metrics-only;
        level 2 wide-metrics-only;
        interface at-1/1/0.950 {
            lsp-interval 50;
            level 2 {
                metric 35;
                hello-interval 10;
                hold-time 60;
            }
            level 1 disable;
        }
        interface at-1/1/0.960 {
            lsp-interval 50;
            level 2 {
                metric 10;
                hello-interval 10;
                hold-time 60;
            }
            level 1 disable;
        }
        interface at-1/1/0.970 {
            lsp-interval 50;
            level 2 {
                metric 10;
                hello-interval 10;
                hold-time 60;
            }
            level 1 disable;
        }
        interface as0.0 {
            lsp-interval 50;
            level 2 {
                metric 2;
                hello-interval 10;
                hold-time 60;
            }
            level 1 {
                metric 2;
                hello-interval 10;
                hold-time 60;
            }
        }
        interface lo0.0 {
            lsp-interval 50;
            passive;
            level 2 disable;
        }
    }
    ldp {
        traceoptions {
            file ldp-log size 1m files 10;
            flag error;
            flag state;
        }
        track-igp-metric;
        import block-general-ldp-routes;
        egress-policy export-sec-loopback;
        transport-address 208.174.15.156;
        interface at-1/1/0.950;
        interface at-1/1/0.960;
        interface at-1/1/0.970;
        interface as0.0;
        interface lo0.0;
    }
    pim {
        traceoptions {
            file pim size 8m files 2;
            flag general;
        }
        rib-group inet mcrg;
        rp {
            static {
                address 206.24.194.40;
            }
        }
        interface lo0.0 {
            mode sparse;
            version 2;
        }
        interface at-1/1/0.960 {
            mode sparse;
            version 2;
        }
        interface at-1/1/0.970 {
            mode sparse;
            version 2;
        }
    }
}
policy-options {
    prefix-list snmp-list {
        64.14.144.153/32;
        64.14.144.154/32;
        64.14.144.155/32;
        64.14.144.156/32;
        64.14.144.157/32;
        64.14.144.158/32;
        64.41.189.214/32;
        64.41.251.174/32;
        64.242.52.23/32;
        167.215.232.0/24;
        204.70.128.30/32;
        204.70.128.31/32;
        204.70.128.81/32;
        204.70.128.202/32;
        204.70.133.240/32;
        204.70.133.243/32;
        204.70.133.244/32;
        204.71.36.18/32;
        204.71.36.39/32;
        204.71.36.225/32;
        204.71.40.160/32;
        206.24.168.45/32;
        206.24.209.15/32;
        206.24.224.24/32;
        206.24.224.25/32;
        208.172.0.23/32;
        208.172.0.25/32;
        208.172.33.25/32;
        208.172.64.23/32;
        208.172.80.23/32;
        208.172.128.23/32;
        208.172.160.23/32;
        208.172.225.6/32;
        208.174.48.45/32;
        208.174.56.45/32;
        208.175.109.17/32;
        208.175.168.18/32;
        208.175.184.45/32;
        209.83.194.12/32;
        209.83.194.104/32;
        209.83.194.105/32;
        209.83.194.106/32;
        209.83.194.107/32;
        209.83.194.108/32;
        209.83.194.109/32;
        209.83.194.110/32;
        209.83.194.111/32;
        209.83.194.112/32;
        209.83.194.113/32;
        209.83.194.114/32;
        209.83.194.115/32;
        209.83.194.188/32;
        209.83.194.221/32;
        209.83.194.222/32;
        209.83.194.224/32;
        209.83.194.225/32;
        209.83.194.226/32;
        209.83.194.228/32;
        209.83.194.231/32;
        209.83.194.251/32;
        209.225.10.240/32;
        216.33.108.73/32;
        216.33.108.75/32;
        216.74.153.230/32;
        216.177.76.156/32;
        216.182.78.36/32;
    }
    prefix-list ntp-list {
        apply-path "system ntp server <*>";
    }
    prefix-list syslog-list {
        204.70.133.240/32;
        204.71.36.44/32;
        204.71.36.45/32;
        216.90.89.68/32;
    }
    prefix-list ssh-list {
        64.41.189.214/32;
        167.215.232.85/32;
        204.70.3.0/24;
        204.70.133.240/32;
        204.70.133.243/32;
        204.70.133.244/32;
        204.71.36.0/23;
        204.71.247.104/32;
        206.24.168.0/25;
        206.24.194.0/25;
        206.24.210.0/25;
        206.24.226.0/25;
        208.172.2.0/25;
        208.172.18.0/25;
        208.172.34.0/25;
        208.172.50.0/25;
        208.172.66.0/25;
        208.172.82.0/25;
        208.172.98.0/25;
        208.172.130.0/25;
        208.172.146.0/25;
        208.172.162.0/25;
        208.172.226.0/25;
        208.174.2.0/25;
        208.174.15.0/24;
        208.174.48.0/25;
        208.174.56.0/25;
        208.175.170.0/25;
        208.175.184.0/25;
        209.1.40.0/24;
        209.1.220.0/24;
        209.83.159.0/24;
        209.83.194.0/24;
        209.225.10.235/32;
        212.124.244.44/32;
        216.33.108.73/32;
        216.35.132.15/32;
    }
    prefix-list bgp-list {
        apply-path "protocols bgp group <*> neighbor <*>";
    }
    prefix-list non-routable-list {
        0.0.0.0/7;
        2.0.0.0/8;
        5.0.0.0/8;
        7.0.0.0/8;
        10.0.0.0/8;
        23.0.0.0/8;
        27.0.0.0/8;
        31.0.0.0/8;
        36.0.0.0/7;
        39.0.0.0/8;
        42.0.0.0/8;
        49.0.0.0/8;
        50.0.0.0/8;
        77.0.0.0/8;
        78.0.0.0/7;
        92.0.0.0/6;
        96.0.0.0/4;
        112.0.0.0/5;
        120.0.0.0/8;
        127.0.0.0/8;
        169.254.0.0/16;
        172.16.0.0/12;
        173.0.0.0/8;
        174.0.0.0/7;
        176.0.0.0/5;
        184.0.0.0/6;
        192.0.2.0/24;
        192.168.0.0/16;
        197.0.0.0/8;
        198.18.0.0/15;
        223.0.0.0/8;
        224.0.0.0/3;
    }
    prefix-list accept-prot-55 {
        24.237.7.155/32;
        130.76.118.134/32;
        134.205.148.227/32;
        192.187.8.122/32;
    }
    prefix-list SObigF_prefix {
        12.158.102.205/32;
        12.232.104.221/32;
        24.33.66.38/32;
        24.197.143.132/32;
        24.202.91.43/32;
        24.206.75.137/32;
        24.210.182.156/32;
        61.38.18.59/32;
        63.250.82.87/32;
        65.92.80.218/32;
        65.92.186.145/32;
        65.93.81.59/32;
        65.95.193.138/32;
        65.177.240.194/32;
        66.131.207.81/32;
        67.9.241.67/32;
        67.73.21.6/32;
        68.38.159.161/32;
        68.50.20.96/32;
        218.147.164.29/32;
    }
    prefix-list bad-guys-list {
        204.70.0.0/32;
    }
    prefix-list ddos-target-list {
        204.70.0.0/32;
    }
    prefix-list ldp-list {
        202.126.0.4/32;
        206.24.194.103/32;
        206.24.194.104/32;
        206.24.226.97/32;
        206.24.226.98/32;
        208.172.130.101/32;
        208.172.130.102/32;
        208.172.162.17/32;
        208.172.162.18/32;
        208.173.155.168/32;
        208.174.15.1/32;
        208.174.15.2/32;
        208.174.15.3/32;
        208.174.15.4/32;
        208.174.15.5/32;
        208.174.15.6/32;
        208.174.15.8/32;
        208.174.15.9/32;
        208.174.15.10/32;
        208.174.15.12/32;
        208.174.15.13/32;
        208.174.15.14/32;
        208.174.15.15/32;
        208.174.15.16/32;
        208.174.15.17/32;
        208.174.15.18/32;
        208.174.15.19/32;
        208.174.15.21/32;
        208.174.15.22/32;
        208.174.15.23/32;
        208.174.15.25/32;
        208.174.15.26/32;
        208.174.15.31/32;
        208.174.15.32/32;
        208.174.15.33/32;
        208.174.15.34/32;
        208.174.15.35/32;
        208.174.15.36/32;
        208.174.15.37/32;
        208.174.15.38/32;
        208.174.15.39/32;
        208.174.15.40/32;
        208.174.15.41/32;
        208.174.15.42/32;
        208.174.15.43/32;
        208.174.15.44/32;
        208.174.15.45/32;
        208.174.15.46/32;
        208.174.15.47/32;
        208.174.15.48/32;
        208.174.15.50/32;
        208.174.15.51/32;
        208.174.15.52/32;
        208.174.15.53/32;
        208.174.15.54/32;
        208.174.15.55/32;
        208.174.15.56/32;
        208.174.15.58/32;
        208.174.15.60/32;
        208.174.15.61/32;
        208.174.15.62/32;
        208.174.15.63/32;
        208.174.15.64/32;
        208.174.15.66/32;
        208.174.15.67/32;
        208.174.15.68/32;
        208.174.15.70/32;
        208.174.15.72/32;
        208.174.15.73/32;
        208.174.15.74/32;
        208.174.15.76/32;
        208.174.15.80/32;
        208.174.15.81/32;
        208.174.15.96/32;
        208.174.15.97/32;
        208.174.15.98/32;
        208.174.15.100/32;
        208.174.15.101/32;
        208.174.15.106/32;
        208.174.15.107/32;
        208.174.15.108/32;
        208.174.15.109/32;
        208.174.15.130/32;
        208.174.15.131/32;
        208.174.15.141/32;
        208.174.15.143/32;
        208.174.15.144/32;
        208.174.15.146/32;
        208.174.15.149/32;
        208.174.15.156/32;
        208.174.15.157/32;
        208.174.15.158/32;
        208.174.15.159/32;
        208.174.15.160/32;
        209.83.159.1/32;
        209.83.159.3/32;
        209.83.159.4/32;
        209.83.159.6/32;
        209.83.159.7/32;
        209.83.159.106/32;
        209.83.159.107/32;
        209.83.159.115/32;
    }
    prefix-list msdp-list {
        apply-path "protocols msdp group <*> peer <*>";
    }
    prefix-list dns-list {
        apply-path "system name-server <*>";
    }
    prefix-list pim {
        apply-path "policy-options policy-statement announce-networks term announce-networks from route-filter <*> ";
    }
    prefix-list radius-list {
        apply-path "system radius-server <*>";
    }
    prefix-list core-list {
        204.70.3.0/24;
        206.24.168.0/25;
        206.24.194.0/25;
        206.24.210.0/25;
        206.24.226.0/25;
        208.172.2.0/25;
        208.172.18.0/25;
        208.172.34.0/25;
        208.172.50.0/25;
        208.172.66.0/25;
        208.172.82.0/25;
        208.172.98.0/25;
        208.172.130.0/25;
        208.172.146.0/25;
        208.172.162.0/25;
        208.172.226.0/25;
        208.174.2.0/25;
        208.174.15.0/24;
        208.174.48.0/25;
        208.174.56.0/25;
        208.175.170.0/25;
        208.175.184.0/25;
        209.1.40.0/24;
        209.1.220.0/24;
        209.83.159.0/24;
    }
    prefix-list host-list {
        63.136.120.0/21;
        64.41.189.214/32;
        167.215.232.0/24;
        167.215.232.85/32;
        204.70.133.240/32;
        204.70.133.243/32;
        204.70.133.244/32;
        204.71.36.0/23;
        204.71.39.13/32;
        204.71.247.104/32;
        206.24.172.144/32;
        209.83.194.0/24;
        209.225.10.235/32;
        212.124.244.44/32;
        216.33.108.73/32;
        216.35.132.15/32;
    }
    policy-statement next-hop-self {
        from color 135;
        then {
            next-hop self;
        }
    }
    policy-statement color-external-neighbor {
        then {
            color 135;
        }
    }
    policy-statement filter-resrv-swamp-prefix {
        term step1 {
            from {
                route-filter 0.0.0.0/7 orlonger reject;
                route-filter 2.0.0.0/8 orlonger reject;
                route-filter 5.0.0.0/8 orlonger reject;
                route-filter 7.0.0.0/8 orlonger reject;
                route-filter 10.0.0.0/8 orlonger reject;
                route-filter 23.0.0.0/8 orlonger reject;
                route-filter 27.0.0.0/8 orlonger reject;
                route-filter 31.0.0.0/8 orlonger reject;
                route-filter 36.0.0.0/7 orlonger reject;
                route-filter 39.0.0.0/8 orlonger reject;
                route-filter 42.0.0.0/8 orlonger reject;
                route-filter 49.0.0.0/8 orlonger reject;
                route-filter 50.0.0.0/8 orlonger reject;
                route-filter 77.0.0.0/8 orlonger reject;
                route-filter 78.0.0.0/7 orlonger reject;
                route-filter 92.0.0.0/6 orlonger reject;
                route-filter 96.0.0.0/4 orlonger reject;
                route-filter 112.0.0.0/5 orlonger reject;
                route-filter 127.0.0.0/8 orlonger reject;
                route-filter 169.254.0.0/16 orlonger reject;
                route-filter 172.16.0.0/12 orlonger reject;
                route-filter 173.0.0.0/8 orlonger reject;
                route-filter 174.0.0.0/7 orlonger reject;
                route-filter 176.0.0.0/5 orlonger reject;
                route-filter 184.0.0.0/6 orlonger reject;
                route-filter 192.0.2.0/24 orlonger reject;
                route-filter 192.168.0.0/16 orlonger reject;
                route-filter 197.0.0.0/8 orlonger reject;
                route-filter 198.18.0.0/15 orlonger reject;
                route-filter 223.0.0.0/8 orlonger reject;
                route-filter 224.0.0.0/3 orlonger reject;
                route-filter 120.0.0.0/8 orlonger reject;
            }
        }
        term step2 {
            from {
                route-filter 0.0.0.0/0 upto /6;
            }
            then reject;
        }
        term step3 {
            from {
                route-filter 0.0.0.0/0 upto /24 next policy;
            }
        }
        term step4 {
            then reject;
        }
    }
    policy-statement filter-multihomed-customer {
        from as-path swamp;
        then reject;
    }
    policy-statement cisco-damping {
        then damping cisco;
    }
    policy-statement export-full-routes {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-customer;
            then {
                community delete comm-wild;
                accept;
            }
        }
        term comm-peer {
            from community comm-peer;
            then {
                community delete comm-wild;
                accept;
            }
        }
        then {
            community delete comm-wild;
            next policy;
        }
    }
    policy-statement private-as-filter {
        from as-path private-as;
        then reject;
    }
    policy-statement filter-specifics {
        term one {
            from {
                route-filter 199.242.24.0/23 exact;
                route-filter 206.220.224.0/22 exact;
                route-filter 209.27.56.0/22 exact;
                route-filter 206.128.220.0/22 exact;
                route-filter 204.188.128.0/21 exact;
                route-filter 207.189.88.0/21 exact;
                route-filter 206.154.56.0/21 exact;
                route-filter 63.136.120.0/21 exact;
                route-filter 206.99.112.0/21 exact;
                route-filter 206.97.16.0/21 exact;
                route-filter 208.138.160.0/21 exact;
                route-filter 208.157.152.0/21 exact;
                route-filter 199.242.16.0/21 exact;
                route-filter 206.128.208.0/21 exact;
                route-filter 204.194.8.0/21 exact;
                route-filter 209.143.192.0/20 exact;
                route-filter 216.118.192.0/20 exact;
                route-filter 206.97.0.0/20 exact;
                route-filter 66.128.224.0/20 exact;
                route-filter 66.128.64.0/20 exact;
                route-filter 206.28.160.0/20 exact;
                route-filter 216.144.64.0/20 exact;
                route-filter 206.151.32.0/20 exact;
                route-filter 216.182.160.0/20 exact;
                route-filter 216.182.64.0/20 exact;
                route-filter 216.19.160.0/20 exact;
                route-filter 216.219.64.0/20 exact;
                route-filter 216.219.96.0/20 exact;
                route-filter 206.132.32.0/20 exact;
                route-filter 216.224.96.0/20 exact;
                route-filter 205.140.160.0/20 exact;
                route-filter 216.227.224.0/20 exact;
                route-filter 206.154.32.0/20 exact;
                route-filter 216.39.32.0/20 exact;
                route-filter 216.39.96.0/20 exact;
                route-filter 216.48.64.0/20 exact;
                route-filter 216.69.224.0/20 exact;
                route-filter 64.15.192.0/20 exact;
                route-filter 216.227.192.0/20 exact;
                route-filter 216.14.160.0/20 exact;
                route-filter 64.209.128.0/20 exact;
                route-filter 64.209.192.0/20 exact;
                route-filter 206.29.128.0/20 exact;
                route-filter 64.253.192.0/20 exact;
                route-filter 206.132.144.0/20 exact;
                route-filter 64.27.160.0/20 exact;
                route-filter 64.56.192.0/20 exact;
                route-filter 64.70.96.0/20 exact;
                route-filter 64.79.160.0/20 exact;
                route-filter 208.138.0.0/20 exact;
                route-filter 208.138.176.0/20 exact;
                route-filter 64.89.32.0/20 exact;
                route-filter 64.92.160.0/20 exact;
                route-filter 208.157.128.0/20 exact;
                route-filter 207.189.64.0/20 exact;
                route-filter 206.99.96.0/20 exact;
                route-filter 209.27.32.0/20 exact;
                route-filter 204.188.144.0/20 exact;
                route-filter 63.136.96.0/20 exact;
                route-filter 208.167.208.0/20 exact;
                route-filter 66.119.32.0/20 exact;
                route-filter 208.48.208.0/20 exact;
                route-filter 206.97.32.0/19 exact;
                route-filter 64.209.224.0/19 exact;
                route-filter 199.217.64.0/19 exact;
                route-filter 213.174.192.0/19 exact;
                route-filter 166.63.128.0/19 exact;
                route-filter 206.28.128.0/19 exact;
                route-filter 206.153.64.0/19 exact;
                route-filter 207.50.160.0/19 exact;
                route-filter 205.140.128.0/19 exact;
                route-filter 206.132.0.0/19 exact;
                route-filter 64.209.160.0/19 exact;
                route-filter 208.168.192.0/19 exact;
                route-filter 209.27.0.0/19 exact;
                route-filter 64.15.224.0/19 exact;
                route-filter 64.15.160.0/19 exact;
                route-filter 216.64.192.0/19 exact;
                route-filter 206.40.64.0/19 exact;
                route-filter 206.154.0.0/19 exact;
                route-filter 208.169.96.0/19 exact;
                route-filter 208.175.192.0/19 exact;
                route-filter 206.99.64.0/19 exact;
                route-filter 208.163.0.0/19 exact;
                route-filter 212.124.224.0/19 exact;
                route-filter 208.138.128.0/19 exact;
                route-filter 207.2.64.0/19 exact;
                route-filter 208.166.0.0/19 exact;
                route-filter 206.24.160.0/19 exact;
                route-filter 208.175.160.0/19 exact;
                route-filter 66.37.192.0/19 exact;
                route-filter 206.151.0.0/19 exact;
                route-filter 216.39.64.0/19 exact;
                route-filter 205.217.192.0/19 exact;
                route-filter 216.19.128.0/19 exact;
                route-filter 216.182.192.0/19 exact;
                route-filter 206.128.224.0/19 exact;
                route-filter 216.177.64.0/19 exact;
                route-filter 216.109.64.0/19 exact;
                route-filter 216.104.224.0/19 exact;
                route-filter 209.225.64.0/19 exact;
                route-filter 209.143.224.0/19 exact;
                route-filter 204.188.160.0/19 exact;
                route-filter 206.96.96.0/19 exact;
                route-filter 209.16.192.0/19 exact;
                route-filter 82.118.64.0/19 exact;
                route-filter 206.128.0.0/19 exact;
                route-filter 206.40.128.0/19 exact;
                route-filter 208.132.64.0/19 exact;
                route-filter 64.210.160.0/19 exact;
                route-filter 64.211.224.0/19 exact;
                route-filter 64.22.128.0/19 exact;
                route-filter 64.28.64.0/19 exact;
                route-filter 64.39.32.0/19 exact;
                route-filter 64.58.64.0/19 exact;
                route-filter 64.68.64.0/19 exact;
                route-filter 64.70.64.0/19 exact;
                route-filter 63.136.64.0/19 exact;
                route-filter 208.163.64.0/18 exact;
                route-filter 208.173.128.0/18 exact;
                route-filter 205.140.192.0/18 exact;
                route-filter 206.97.64.0/18 exact;
                route-filter 208.169.0.0/18 exact;
                route-filter 207.50.192.0/18 exact;
                route-filter 209.44.0.0/18 exact;
                route-filter 206.24.192.0/18 exact;
                route-filter 206.99.0.0/18 exact;
                route-filter 208.168.128.0/18 exact;
                route-filter 206.128.128.0/18 exact;
                route-filter 206.151.64.0/18 exact;
                route-filter 206.153.0.0/18 exact;
                route-filter 208.132.0.0/18 exact;
                route-filter 208.48.64.0/18 exact;
                route-filter 208.50.128.0/18 exact;
                route-filter 209.202.128.0/18 exact;
                route-filter 209.225.0.0/18 exact;
                route-filter 208.138.192.0/18 exact;
                route-filter 208.138.64.0/18 exact;
                route-filter 208.157.192.0/18 exact;
                route-filter 205.217.128.0/18 exact;
                route-filter 207.2.0.0/18 exact;
                route-filter 216.74.128.0/18 exact;
                route-filter 66.35.192.0/18 exact;
                route-filter 64.210.192.0/18 exact;
                route-filter 64.85.64.0/18 exact;
                route-filter 206.28.192.0/18 exact;
                route-filter 209.27.64.0/18 exact;
                route-filter 208.167.128.0/18 exact;
                route-filter 64.37.192.0/18 exact;
                route-filter 206.96.0.0/18 exact;
                route-filter 206.29.192.0/18 exact;
                route-filter 206.154.64.0/18 exact;
                route-filter 64.70.0.0/18 exact;
                route-filter 208.131.192.0/18 exact;
                route-filter 63.136.0.0/18 exact;
                route-filter 64.75.0.0/18 exact;
                route-filter 208.166.64.0/18 exact;
                route-filter 209.83.128.0/17 exact;
                route-filter 207.50.0.0/17 exact;
                route-filter 167.216.128.0/17 exact;
                route-filter 146.135.0.0/17 exact;
                route-filter 205.217.0.0/17 exact;
                route-filter 208.168.0.0/17 exact;
                route-filter 206.28.0.0/17 exact;
                route-filter 206.29.0.0/17 exact;
                route-filter 208.169.128.0/17 exact;
                route-filter 206.154.128.0/17 exact;
                route-filter 166.49.0.0/17 exact;
                route-filter 207.2.128.0/17 exact;
                route-filter 206.97.128.0/17 exact;
                route-filter 205.140.0.0/17 exact;
                route-filter 206.153.128.0/17 exact;
                route-filter 208.132.128.0/17 exact;
                route-filter 208.163.128.0/17 exact;
                route-filter 206.96.128.0/17 exact;
                route-filter 208.173.0.0/17 exact;
                route-filter 209.102.0.0/17 exact;
                route-filter 208.175.0.0/17 exact;
                route-filter 63.136.128.0/17 exact;
                route-filter 209.25.0.0/17 exact;
                route-filter 208.157.0.0/17 exact;
                route-filter 208.166.128.0/17 exact;
                route-filter 67.54.0.0/17 exact;
                route-filter 64.41.128.0/17 exact;
                route-filter 209.27.128.0/17 exact;
                route-filter 206.151.128.0/17 exact;
                route-filter 208.167.0.0/17 exact;
                route-filter 204.188.0.0/17 exact;
                route-filter 206.24.0.0/17 exact;
                route-filter 208.131.0.0/17 exact;
                route-filter 216.136.128.0/17 exact;
                route-filter 206.99.128.0/17 exact;
                route-filter 204.189.0.0/16 exact;
                route-filter 206.79.0.0/16 exact;
                route-filter 208.162.0.0/16 exact;
                route-filter 207.82.0.0/16 exact;
                route-filter 207.149.0.0/16 exact;
                route-filter 209.176.0.0/16 exact;
                route-filter 206.142.0.0/16 exact;
                route-filter 205.136.0.0/16 exact;
                route-filter 64.14.0.0/16 exact;
                route-filter 207.124.0.0/16 exact;
                route-filter 207.3.0.0/16 exact;
                route-filter 209.1.0.0/16 exact;
                route-filter 208.156.0.0/16 exact;
                route-filter 206.129.0.0/16 exact;
                route-filter 208.139.0.0/16 exact;
                route-filter 209.223.0.0/16 exact;
                route-filter 209.144.0.0/16 exact;
                route-filter 209.185.0.0/16 exact;
                route-filter 206.98.0.0/16 exact;
                route-filter 206.150.0.0/16 exact;
                route-filter 206.152.0.0/16 exact;
                route-filter 209.67.0.0/16 exact;
                route-filter 206.155.0.0/16 exact;
                route-filter 207.51.0.0/16 exact;
                route-filter 208.130.0.0/16 exact;
                route-filter 63.137.0.0/16 exact;
                route-filter 206.25.0.0/16 exact;
                route-filter 208.133.0.0/16 exact;
                route-filter 165.193.0.0/16 exact;
                route-filter 167.215.0.0/16 exact;
                route-filter 208.172.0.0/16 exact;
                route-filter 205.216.0.0/16 exact;
                route-filter 208.174.0.0/16 exact;
                route-filter 207.48.0.0/15 exact;
                route-filter 208.160.0.0/15 exact;
                route-filter 63.128.0.0/15 exact;
                route-filter 208.164.0.0/15 exact;
                route-filter 204.70.0.0/15 exact;
                route-filter 206.156.0.0/15 exact;
                route-filter 208.158.0.0/15 exact;
                route-filter 208.170.0.0/15 exact;
                route-filter 208.134.0.0/15 exact;
                route-filter 206.30.0.0/15 exact;
                route-filter 208.136.0.0/15 exact;
                route-filter 66.100.0.0/15 exact;
                route-filter 208.128.0.0/15 exact;
                route-filter 205.218.0.0/15 exact;
                route-filter 207.0.0.0/15 exact;
                route-filter 205.138.0.0/15 exact;
                route-filter 206.26.0.0/15 exact;
                route-filter 206.100.0.0/14 exact;
                route-filter 216.88.0.0/14 exact;
                route-filter 64.240.0.0/14 exact;
                route-filter 208.140.0.0/14 exact;
                route-filter 216.32.0.0/14 exact;
                route-filter 208.152.0.0/14 exact;
                route-filter 208.144.0.0/13 exact;
            }
            then accept;
        }
        term two {
            from {
                route-filter 199.242.24.0/23 longer reject;
                route-filter 206.220.224.0/22 longer reject;
                route-filter 209.27.56.0/22 longer reject;
                route-filter 206.128.220.0/22 longer reject;
                route-filter 204.188.128.0/21 longer reject;
                route-filter 207.189.88.0/21 longer reject;
                route-filter 206.154.56.0/21 longer reject;
                route-filter 63.136.120.0/21 longer reject;
                route-filter 206.99.112.0/21 longer reject;
                route-filter 206.97.16.0/21 longer reject;
                route-filter 208.138.160.0/21 longer reject;
                route-filter 208.157.152.0/21 longer reject;
                route-filter 199.242.16.0/21 longer reject;
                route-filter 206.128.208.0/21 longer reject;
                route-filter 204.194.8.0/21 longer reject;
                route-filter 209.143.192.0/20 longer reject;
                route-filter 216.118.192.0/20 longer reject;
                route-filter 206.97.0.0/20 longer reject;
                route-filter 66.128.224.0/20 longer reject;
                route-filter 66.128.64.0/20 longer reject;
                route-filter 206.28.160.0/20 longer reject;
                route-filter 216.144.64.0/20 longer reject;
                route-filter 206.151.32.0/20 longer reject;
                route-filter 216.182.160.0/20 longer reject;
                route-filter 216.182.64.0/20 longer reject;
                route-filter 216.19.160.0/20 longer reject;
                route-filter 216.219.64.0/20 longer reject;
                route-filter 216.219.96.0/20 longer reject;
                route-filter 206.132.32.0/20 longer reject;
                route-filter 216.224.96.0/20 longer reject;
                route-filter 205.140.160.0/20 longer reject;
                route-filter 216.227.224.0/20 longer reject;
                route-filter 206.154.32.0/20 longer reject;
                route-filter 216.39.32.0/20 longer reject;
                route-filter 216.39.96.0/20 longer reject;
                route-filter 216.48.64.0/20 longer reject;
                route-filter 216.69.224.0/20 longer reject;
                route-filter 64.15.192.0/20 longer reject;
                route-filter 216.227.192.0/20 longer reject;
                route-filter 216.14.160.0/20 longer reject;
                route-filter 64.209.128.0/20 longer reject;
                route-filter 64.209.192.0/20 longer reject;
                route-filter 206.29.128.0/20 longer reject;
                route-filter 64.253.192.0/20 longer reject;
                route-filter 206.132.144.0/20 longer reject;
                route-filter 64.27.160.0/20 longer reject;
                route-filter 64.56.192.0/20 longer reject;
                route-filter 64.70.96.0/20 longer reject;
                route-filter 64.79.160.0/20 longer reject;
                route-filter 208.138.0.0/20 longer reject;
                route-filter 208.138.176.0/20 longer reject;
                route-filter 64.89.32.0/20 longer reject;
                route-filter 64.92.160.0/20 longer reject;
                route-filter 208.157.128.0/20 longer reject;
                route-filter 207.189.64.0/20 longer reject;
                route-filter 206.99.96.0/20 longer reject;
                route-filter 209.27.32.0/20 longer reject;
                route-filter 204.188.144.0/20 longer reject;
                route-filter 63.136.96.0/20 longer reject;
                route-filter 208.167.208.0/20 longer reject;
                route-filter 66.119.32.0/20 longer reject;
                route-filter 208.48.208.0/20 longer reject;
                route-filter 206.97.32.0/19 longer reject;
                route-filter 64.209.224.0/19 longer reject;
                route-filter 199.217.64.0/19 longer reject;
                route-filter 213.174.192.0/19 longer reject;
                route-filter 166.63.128.0/19 longer reject;
                route-filter 206.28.128.0/19 longer reject;
                route-filter 206.153.64.0/19 longer reject;
                route-filter 207.50.160.0/19 longer reject;
                route-filter 205.140.128.0/19 longer reject;
                route-filter 206.132.0.0/19 longer reject;
                route-filter 64.209.160.0/19 longer reject;
                route-filter 208.168.192.0/19 longer reject;
                route-filter 209.27.0.0/19 longer reject;
                route-filter 64.15.224.0/19 longer reject;
                route-filter 64.15.160.0/19 longer reject;
                route-filter 216.64.192.0/19 longer reject;
                route-filter 206.40.64.0/19 longer reject;
                route-filter 206.154.0.0/19 longer reject;
                route-filter 208.169.96.0/19 longer reject;
                route-filter 208.175.192.0/19 longer reject;
                route-filter 206.99.64.0/19 longer reject;
                route-filter 208.163.0.0/19 longer reject;
                route-filter 212.124.224.0/19 longer reject;
                route-filter 208.138.128.0/19 longer reject;
                route-filter 207.2.64.0/19 longer reject;
                route-filter 208.166.0.0/19 longer reject;
                route-filter 206.24.160.0/19 longer reject;
                route-filter 208.175.160.0/19 longer reject;
                route-filter 66.37.192.0/19 longer reject;
                route-filter 206.151.0.0/19 longer reject;
                route-filter 216.39.64.0/19 longer reject;
                route-filter 205.217.192.0/19 longer reject;
                route-filter 216.19.128.0/19 longer reject;
                route-filter 216.182.192.0/19 longer reject;
                route-filter 206.128.224.0/19 longer reject;
                route-filter 216.177.64.0/19 longer reject;
                route-filter 216.109.64.0/19 longer reject;
                route-filter 216.104.224.0/19 longer reject;
                route-filter 209.225.64.0/19 longer reject;
                route-filter 209.143.224.0/19 longer reject;
                route-filter 204.188.160.0/19 longer reject;
                route-filter 206.96.96.0/19 longer reject;
                route-filter 209.16.192.0/19 longer reject;
                route-filter 82.118.64.0/19 longer reject;
                route-filter 206.128.0.0/19 longer reject;
                route-filter 206.40.128.0/19 longer reject;
                route-filter 208.132.64.0/19 longer reject;
                route-filter 64.210.160.0/19 longer reject;
                route-filter 64.211.224.0/19 longer reject;
                route-filter 64.22.128.0/19 longer reject;
                route-filter 64.28.64.0/19 longer reject;
                route-filter 64.39.32.0/19 longer reject;
                route-filter 64.58.64.0/19 longer reject;
                route-filter 64.68.64.0/19 longer reject;
                route-filter 64.70.64.0/19 longer reject;
                route-filter 63.136.64.0/19 longer reject;
                route-filter 208.163.64.0/18 longer reject;
                route-filter 208.173.128.0/18 longer reject;
                route-filter 205.140.192.0/18 longer reject;
                route-filter 206.97.64.0/18 longer reject;
                route-filter 208.169.0.0/18 longer reject;
                route-filter 207.50.192.0/18 longer reject;
                route-filter 209.44.0.0/18 longer reject;
                route-filter 206.24.192.0/18 longer reject;
                route-filter 206.99.0.0/18 longer reject;
                route-filter 208.168.128.0/18 longer reject;
                route-filter 206.128.128.0/18 longer reject;
                route-filter 206.151.64.0/18 longer reject;
                route-filter 206.153.0.0/18 longer reject;
                route-filter 208.132.0.0/18 longer reject;
                route-filter 208.48.64.0/18 longer reject;
                route-filter 208.50.128.0/18 longer reject;
                route-filter 209.202.128.0/18 longer reject;
                route-filter 209.225.0.0/18 longer reject;
                route-filter 208.138.192.0/18 longer reject;
                route-filter 208.138.64.0/18 longer reject;
                route-filter 208.157.192.0/18 longer reject;
                route-filter 205.217.128.0/18 longer reject;
                route-filter 207.2.0.0/18 longer reject;
                route-filter 216.74.128.0/18 longer reject;
                route-filter 66.35.192.0/18 longer reject;
                route-filter 64.210.192.0/18 longer reject;
                route-filter 64.85.64.0/18 longer reject;
                route-filter 206.28.192.0/18 longer reject;
                route-filter 209.27.64.0/18 longer reject;
                route-filter 208.167.128.0/18 longer reject;
                route-filter 64.37.192.0/18 longer reject;
                route-filter 206.96.0.0/18 longer reject;
                route-filter 206.29.192.0/18 longer reject;
                route-filter 206.154.64.0/18 longer reject;
                route-filter 64.70.0.0/18 longer reject;
                route-filter 208.131.192.0/18 longer reject;
                route-filter 63.136.0.0/18 longer reject;
                route-filter 64.75.0.0/18 longer reject;
                route-filter 208.166.64.0/18 longer reject;
                route-filter 209.83.128.0/17 longer reject;
                route-filter 207.50.0.0/17 longer reject;
                route-filter 167.216.128.0/17 longer reject;
                route-filter 146.135.0.0/17 longer reject;
                route-filter 205.217.0.0/17 longer reject;
                route-filter 208.168.0.0/17 longer reject;
                route-filter 206.28.0.0/17 longer reject;
                route-filter 206.29.0.0/17 longer reject;
                route-filter 208.169.128.0/17 longer reject;
                route-filter 206.154.128.0/17 longer reject;
                route-filter 166.49.0.0/17 longer reject;
                route-filter 207.2.128.0/17 longer reject;
                route-filter 206.97.128.0/17 longer reject;
                route-filter 205.140.0.0/17 longer reject;
                route-filter 206.153.128.0/17 longer reject;
                route-filter 208.132.128.0/17 longer reject;
                route-filter 208.163.128.0/17 longer reject;
                route-filter 206.96.128.0/17 longer reject;
                route-filter 208.173.0.0/17 longer reject;
                route-filter 209.102.0.0/17 longer reject;
                route-filter 208.175.0.0/17 longer reject;
                route-filter 63.136.128.0/17 longer reject;
                route-filter 209.25.0.0/17 longer reject;
                route-filter 208.157.0.0/17 longer reject;
                route-filter 208.166.128.0/17 longer reject;
                route-filter 67.54.0.0/17 longer reject;
                route-filter 64.41.128.0/17 longer reject;
                route-filter 209.27.128.0/17 longer reject;
                route-filter 206.151.128.0/17 longer reject;
                route-filter 208.167.0.0/17 longer reject;
                route-filter 204.188.0.0/17 longer reject;
                route-filter 206.24.0.0/17 longer reject;
                route-filter 208.131.0.0/17 longer reject;
                route-filter 216.136.128.0/17 longer reject;
                route-filter 206.99.128.0/17 longer reject;
                route-filter 204.189.0.0/16 longer reject;
                route-filter 206.79.0.0/16 longer reject;
                route-filter 208.162.0.0/16 longer reject;
                route-filter 207.82.0.0/16 longer reject;
                route-filter 207.149.0.0/16 longer reject;
                route-filter 209.176.0.0/16 longer reject;
                route-filter 206.142.0.0/16 longer reject;
                route-filter 205.136.0.0/16 longer reject;
                route-filter 64.14.0.0/16 longer reject;
                route-filter 207.124.0.0/16 longer reject;
                route-filter 207.3.0.0/16 longer reject;
                route-filter 209.1.0.0/16 longer reject;
                route-filter 208.156.0.0/16 longer reject;
                route-filter 206.129.0.0/16 longer reject;
                route-filter 208.139.0.0/16 longer reject;
                route-filter 209.223.0.0/16 longer reject;
                route-filter 209.144.0.0/16 longer reject;
                route-filter 209.185.0.0/16 longer reject;
                route-filter 206.98.0.0/16 longer reject;
                route-filter 206.150.0.0/16 longer reject;
                route-filter 206.152.0.0/16 longer reject;
                route-filter 209.67.0.0/16 longer reject;
                route-filter 206.155.0.0/16 longer reject;
                route-filter 207.51.0.0/16 longer reject;
                route-filter 208.130.0.0/16 longer reject;
                route-filter 63.137.0.0/16 longer reject;
                route-filter 206.25.0.0/16 longer reject;
                route-filter 208.133.0.0/16 longer reject;
                route-filter 165.193.0.0/16 longer reject;
                route-filter 167.215.0.0/16 longer reject;
                route-filter 208.172.0.0/16 longer reject;
                route-filter 205.216.0.0/16 longer reject;
                route-filter 208.174.0.0/16 longer reject;
                route-filter 207.48.0.0/15 longer reject;
                route-filter 208.160.0.0/15 longer reject;
                route-filter 63.128.0.0/15 longer reject;
                route-filter 208.164.0.0/15 longer reject;
                route-filter 204.70.0.0/15 longer reject;
                route-filter 206.156.0.0/15 longer reject;
                route-filter 208.158.0.0/15 longer reject;
                route-filter 208.170.0.0/15 longer reject;
                route-filter 208.134.0.0/15 longer reject;
                route-filter 206.30.0.0/15 longer reject;
                route-filter 208.136.0.0/15 longer reject;
                route-filter 66.100.0.0/15 longer reject;
                route-filter 208.128.0.0/15 longer reject;
                route-filter 205.218.0.0/15 longer reject;
                route-filter 207.0.0.0/15 longer reject;
                route-filter 205.138.0.0/15 longer reject;
                route-filter 206.26.0.0/15 longer reject;
                route-filter 206.100.0.0/14 longer reject;
                route-filter 216.88.0.0/14 longer reject;
                route-filter 64.240.0.0/14 longer reject;
                route-filter 208.140.0.0/14 longer reject;
                route-filter 216.32.0.0/14 longer reject;
                route-filter 208.152.0.0/14 longer reject;
                route-filter 208.144.0.0/13 longer reject;
            }
            then next policy;
        }
    }
    policy-statement find-specifics {
        term accept-specifics {
            from {
                route-filter 199.242.24.0/23 longer accept;
                route-filter 206.220.224.0/22 longer accept;
                route-filter 209.27.56.0/22 longer accept;
                route-filter 206.128.220.0/22 longer accept;
                route-filter 204.188.128.0/21 longer accept;
                route-filter 207.189.88.0/21 longer accept;
                route-filter 206.154.56.0/21 longer accept;
                route-filter 63.136.120.0/21 longer accept;
                route-filter 206.99.112.0/21 longer accept;
                route-filter 206.97.16.0/21 longer accept;
                route-filter 208.138.160.0/21 longer accept;
                route-filter 208.157.152.0/21 longer accept;
                route-filter 199.242.16.0/21 longer accept;
                route-filter 206.128.208.0/21 longer accept;
                route-filter 204.194.8.0/21 longer accept;
                route-filter 209.143.192.0/20 longer accept;
                route-filter 216.118.192.0/20 longer accept;
                route-filter 206.97.0.0/20 longer accept;
                route-filter 66.128.224.0/20 longer accept;
                route-filter 66.128.64.0/20 longer accept;
                route-filter 206.28.160.0/20 longer accept;
                route-filter 216.144.64.0/20 longer accept;
                route-filter 206.151.32.0/20 longer accept;
                route-filter 216.182.160.0/20 longer accept;
                route-filter 216.182.64.0/20 longer accept;
                route-filter 216.19.160.0/20 longer accept;
                route-filter 216.219.64.0/20 longer accept;
                route-filter 216.219.96.0/20 longer accept;
                route-filter 206.132.32.0/20 longer accept;
                route-filter 216.224.96.0/20 longer accept;
                route-filter 205.140.160.0/20 longer accept;
                route-filter 216.227.224.0/20 longer accept;
                route-filter 206.154.32.0/20 longer accept;
                route-filter 216.39.32.0/20 longer accept;
                route-filter 216.39.96.0/20 longer accept;
                route-filter 216.48.64.0/20 longer accept;
                route-filter 216.69.224.0/20 longer accept;
                route-filter 64.15.192.0/20 longer accept;
                route-filter 216.227.192.0/20 longer accept;
                route-filter 216.14.160.0/20 longer accept;
                route-filter 64.209.128.0/20 longer accept;
                route-filter 64.209.192.0/20 longer accept;
                route-filter 206.29.128.0/20 longer accept;
                route-filter 64.253.192.0/20 longer accept;
                route-filter 206.132.144.0/20 longer accept;
                route-filter 64.27.160.0/20 longer accept;
                route-filter 64.56.192.0/20 longer accept;
                route-filter 64.70.96.0/20 longer accept;
                route-filter 64.79.160.0/20 longer accept;
                route-filter 208.138.0.0/20 longer accept;
                route-filter 208.138.176.0/20 longer accept;
                route-filter 64.89.32.0/20 longer accept;
                route-filter 64.92.160.0/20 longer accept;
                route-filter 208.157.128.0/20 longer accept;
                route-filter 207.189.64.0/20 longer accept;
                route-filter 206.99.96.0/20 longer accept;
                route-filter 209.27.32.0/20 longer accept;
                route-filter 204.188.144.0/20 longer accept;
                route-filter 63.136.96.0/20 longer accept;
                route-filter 208.167.208.0/20 longer accept;
                route-filter 66.119.32.0/20 longer accept;
                route-filter 208.48.208.0/20 longer accept;
                route-filter 206.97.32.0/19 longer accept;
                route-filter 64.209.224.0/19 longer accept;
                route-filter 199.217.64.0/19 longer accept;
                route-filter 213.174.192.0/19 longer accept;
                route-filter 166.63.128.0/19 longer accept;
                route-filter 206.28.128.0/19 longer accept;
                route-filter 206.153.64.0/19 longer accept;
                route-filter 207.50.160.0/19 longer accept;
                route-filter 205.140.128.0/19 longer accept;
                route-filter 206.132.0.0/19 longer accept;
                route-filter 64.209.160.0/19 longer accept;
                route-filter 208.168.192.0/19 longer accept;
                route-filter 209.27.0.0/19 longer accept;
                route-filter 64.15.224.0/19 longer accept;
                route-filter 64.15.160.0/19 longer accept;
                route-filter 216.64.192.0/19 longer accept;
                route-filter 206.40.64.0/19 longer accept;
                route-filter 206.154.0.0/19 longer accept;
                route-filter 208.169.96.0/19 longer accept;
                route-filter 208.175.192.0/19 longer accept;
                route-filter 206.99.64.0/19 longer accept;
                route-filter 208.163.0.0/19 longer accept;
                route-filter 212.124.224.0/19 longer accept;
                route-filter 208.138.128.0/19 longer accept;
                route-filter 207.2.64.0/19 longer accept;
                route-filter 208.166.0.0/19 longer accept;
                route-filter 206.24.160.0/19 longer accept;
                route-filter 208.175.160.0/19 longer accept;
                route-filter 66.37.192.0/19 longer accept;
                route-filter 206.151.0.0/19 longer accept;
                route-filter 216.39.64.0/19 longer accept;
                route-filter 205.217.192.0/19 longer accept;
                route-filter 216.19.128.0/19 longer accept;
                route-filter 216.182.192.0/19 longer accept;
                route-filter 206.128.224.0/19 longer accept;
                route-filter 216.177.64.0/19 longer accept;
                route-filter 216.109.64.0/19 longer accept;
                route-filter 216.104.224.0/19 longer accept;
                route-filter 209.225.64.0/19 longer accept;
                route-filter 209.143.224.0/19 longer accept;
                route-filter 204.188.160.0/19 longer accept;
                route-filter 206.96.96.0/19 longer accept;
                route-filter 209.16.192.0/19 longer accept;
                route-filter 82.118.64.0/19 longer accept;
                route-filter 206.128.0.0/19 longer accept;
                route-filter 206.40.128.0/19 longer accept;
                route-filter 208.132.64.0/19 longer accept;
                route-filter 64.210.160.0/19 longer accept;
                route-filter 64.211.224.0/19 longer accept;
                route-filter 64.22.128.0/19 longer accept;
                route-filter 64.28.64.0/19 longer accept;
                route-filter 64.39.32.0/19 longer accept;
                route-filter 64.58.64.0/19 longer accept;
                route-filter 64.68.64.0/19 longer accept;
                route-filter 64.70.64.0/19 longer accept;
                route-filter 63.136.64.0/19 longer accept;
                route-filter 208.163.64.0/18 longer accept;
                route-filter 208.173.128.0/18 longer accept;
                route-filter 205.140.192.0/18 longer accept;
                route-filter 206.97.64.0/18 longer accept;
                route-filter 208.169.0.0/18 longer accept;
                route-filter 207.50.192.0/18 longer accept;
                route-filter 209.44.0.0/18 longer accept;
                route-filter 206.24.192.0/18 longer accept;
                route-filter 206.99.0.0/18 longer accept;
                route-filter 208.168.128.0/18 longer accept;
                route-filter 206.128.128.0/18 longer accept;
                route-filter 206.151.64.0/18 longer accept;
                route-filter 206.153.0.0/18 longer accept;
                route-filter 208.132.0.0/18 longer accept;
                route-filter 208.48.64.0/18 longer accept;
                route-filter 208.50.128.0/18 longer accept;
                route-filter 209.202.128.0/18 longer accept;
                route-filter 209.225.0.0/18 longer accept;
                route-filter 208.138.192.0/18 longer accept;
                route-filter 208.138.64.0/18 longer accept;
                route-filter 208.157.192.0/18 longer accept;
                route-filter 205.217.128.0/18 longer accept;
                route-filter 207.2.0.0/18 longer accept;
                route-filter 216.74.128.0/18 longer accept;
                route-filter 66.35.192.0/18 longer accept;
                route-filter 64.210.192.0/18 longer accept;
                route-filter 64.85.64.0/18 longer accept;
                route-filter 206.28.192.0/18 longer accept;
                route-filter 209.27.64.0/18 longer accept;
                route-filter 208.167.128.0/18 longer accept;
                route-filter 64.37.192.0/18 longer accept;
                route-filter 206.96.0.0/18 longer accept;
                route-filter 206.29.192.0/18 longer accept;
                route-filter 206.154.64.0/18 longer accept;
                route-filter 64.70.0.0/18 longer accept;
                route-filter 208.131.192.0/18 longer accept;
                route-filter 63.136.0.0/18 longer accept;
                route-filter 64.75.0.0/18 longer accept;
                route-filter 208.166.64.0/18 longer accept;
                route-filter 209.83.128.0/17 longer accept;
                route-filter 207.50.0.0/17 longer accept;
                route-filter 167.216.128.0/17 longer accept;
                route-filter 146.135.0.0/17 longer accept;
                route-filter 205.217.0.0/17 longer accept;
                route-filter 208.168.0.0/17 longer accept;
                route-filter 206.28.0.0/17 longer accept;
                route-filter 206.29.0.0/17 longer accept;
                route-filter 208.169.128.0/17 longer accept;
                route-filter 206.154.128.0/17 longer accept;
                route-filter 166.49.0.0/17 longer accept;
                route-filter 207.2.128.0/17 longer accept;
                route-filter 206.97.128.0/17 longer accept;
                route-filter 205.140.0.0/17 longer accept;
                route-filter 206.153.128.0/17 longer accept;
                route-filter 208.132.128.0/17 longer accept;
                route-filter 208.163.128.0/17 longer accept;
                route-filter 206.96.128.0/17 longer accept;
                route-filter 208.173.0.0/17 longer accept;
                route-filter 209.102.0.0/17 longer accept;
                route-filter 208.175.0.0/17 longer accept;
                route-filter 63.136.128.0/17 longer accept;
                route-filter 209.25.0.0/17 longer accept;
                route-filter 208.157.0.0/17 longer accept;
                route-filter 208.166.128.0/17 longer accept;
                route-filter 67.54.0.0/17 longer accept;
                route-filter 64.41.128.0/17 longer accept;
                route-filter 209.27.128.0/17 longer accept;
                route-filter 206.151.128.0/17 longer accept;
                route-filter 208.167.0.0/17 longer accept;
                route-filter 204.188.0.0/17 longer accept;
                route-filter 206.24.0.0/17 longer accept;
                route-filter 208.131.0.0/17 longer accept;
                route-filter 216.136.128.0/17 longer accept;
                route-filter 206.99.128.0/17 longer accept;
                route-filter 204.189.0.0/16 longer accept;
                route-filter 206.79.0.0/16 longer accept;
                route-filter 208.162.0.0/16 longer accept;
                route-filter 207.82.0.0/16 longer accept;
                route-filter 207.149.0.0/16 longer accept;
                route-filter 209.176.0.0/16 longer accept;
                route-filter 206.142.0.0/16 longer accept;
                route-filter 205.136.0.0/16 longer accept;
                route-filter 64.14.0.0/16 longer accept;
                route-filter 207.124.0.0/16 longer accept;
                route-filter 207.3.0.0/16 longer accept;
                route-filter 209.1.0.0/16 longer accept;
                route-filter 208.156.0.0/16 longer accept;
                route-filter 206.129.0.0/16 longer accept;
                route-filter 208.139.0.0/16 longer accept;
                route-filter 209.223.0.0/16 longer accept;
                route-filter 209.144.0.0/16 longer accept;
                route-filter 209.185.0.0/16 longer accept;
                route-filter 206.98.0.0/16 longer accept;
                route-filter 206.150.0.0/16 longer accept;
                route-filter 206.152.0.0/16 longer accept;
                route-filter 209.67.0.0/16 longer accept;
                route-filter 206.155.0.0/16 longer accept;
                route-filter 207.51.0.0/16 longer accept;
                route-filter 208.130.0.0/16 longer accept;
                route-filter 63.137.0.0/16 longer accept;
                route-filter 206.25.0.0/16 longer accept;
                route-filter 208.133.0.0/16 longer accept;
                route-filter 165.193.0.0/16 longer accept;
                route-filter 167.215.0.0/16 longer accept;
                route-filter 208.172.0.0/16 longer accept;
                route-filter 205.216.0.0/16 longer accept;
                route-filter 208.174.0.0/16 longer accept;
                route-filter 207.48.0.0/15 longer accept;
                route-filter 208.160.0.0/15 longer accept;
                route-filter 63.128.0.0/15 longer accept;
                route-filter 208.164.0.0/15 longer accept;
                route-filter 204.70.0.0/15 longer accept;
                route-filter 206.156.0.0/15 longer accept;
                route-filter 208.158.0.0/15 longer accept;
                route-filter 208.170.0.0/15 longer accept;
                route-filter 208.134.0.0/15 longer accept;
                route-filter 206.30.0.0/15 longer accept;
                route-filter 208.136.0.0/15 longer accept;
                route-filter 66.100.0.0/15 longer accept;
                route-filter 208.128.0.0/15 longer accept;
                route-filter 205.218.0.0/15 longer accept;
                route-filter 207.0.0.0/15 longer accept;
                route-filter 205.138.0.0/15 longer accept;
                route-filter 206.26.0.0/15 longer accept;
                route-filter 206.100.0.0/14 longer accept;
                route-filter 216.88.0.0/14 longer accept;
                route-filter 64.240.0.0/14 longer accept;
                route-filter 208.140.0.0/14 longer accept;
                route-filter 216.32.0.0/14 longer accept;
                route-filter 208.152.0.0/14 longer accept;
                route-filter 208.144.0.0/13 longer accept;
            }
        }
        term reject-others {
            then reject;
        }
    }
    policy-statement export-customer-routes-glbl {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-customer;
            then {
                community delete comm-wild;
                accept;
            }
        }
        term comm-peer {
            from community comm-peer;
            then reject;
        }
        then {
            community delete comm-wild;
            next policy;
        }
    }
    policy-statement export-customer-routes-glbl-comm {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-customer;
            then accept;
        }
        term comm-peer {
            from community comm-peer;
            then reject;
        }
        then next policy;
    }
    policy-statement export-full-routes-comm {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-customer;
            then accept;
        }
        term comm-peer {
            from community comm-peer;
            then accept;
        }
        then next policy;
    }
    policy-statement set-peer-local-pref-100-RNA {
        then {
            local-preference 100;
            community set comm-RNA-peer;
        }
    }
    policy-statement set-peer-local-pref-RNA {
        then {
            metric 128;
            local-preference 80;
            community set comm-RNA-peer;
        }
    }
    policy-statement per-flow-load-balancing {
        term 1 {
            from {
                route-filter 208.174.15.0/24 orlonger;
            }
        }
        then {
            load-balance per-packet;
        }
    }
    policy-statement default-originate {
        term 1 {
            from {
                route-filter 0.0.0.0/0 exact accept;
            }
        }
        term 2 {
            then next policy;
        }
    }
    policy-statement export-backbone-routes {
        term one {
            from {
                route-filter 199.242.24.0/23 exact;
                route-filter 206.220.224.0/22 exact;
                route-filter 209.27.56.0/22 exact;
                route-filter 206.128.220.0/22 exact;
                route-filter 204.188.128.0/21 exact;
                route-filter 207.189.88.0/21 exact;
                route-filter 206.154.56.0/21 exact;
                route-filter 63.136.120.0/21 exact;
                route-filter 206.99.112.0/21 exact;
                route-filter 206.97.16.0/21 exact;
                route-filter 208.138.160.0/21 exact;
                route-filter 208.157.152.0/21 exact;
                route-filter 199.242.16.0/21 exact;
                route-filter 206.128.208.0/21 exact;
                route-filter 204.194.8.0/21 exact;
                route-filter 209.143.192.0/20 exact;
                route-filter 216.118.192.0/20 exact;
                route-filter 206.97.0.0/20 exact;
                route-filter 66.128.224.0/20 exact;
                route-filter 66.128.64.0/20 exact;
                route-filter 206.28.160.0/20 exact;
                route-filter 216.144.64.0/20 exact;
                route-filter 206.151.32.0/20 exact;
                route-filter 216.182.160.0/20 exact;
                route-filter 216.182.64.0/20 exact;
                route-filter 216.19.160.0/20 exact;
                route-filter 216.219.64.0/20 exact;
                route-filter 216.219.96.0/20 exact;
                route-filter 206.132.32.0/20 exact;
                route-filter 216.224.96.0/20 exact;
                route-filter 205.140.160.0/20 exact;
                route-filter 216.227.224.0/20 exact;
                route-filter 206.154.32.0/20 exact;
                route-filter 216.39.32.0/20 exact;
                route-filter 216.39.96.0/20 exact;
                route-filter 216.48.64.0/20 exact;
                route-filter 216.69.224.0/20 exact;
                route-filter 64.15.192.0/20 exact;
                route-filter 216.227.192.0/20 exact;
                route-filter 216.14.160.0/20 exact;
                route-filter 64.209.128.0/20 exact;
                route-filter 64.209.192.0/20 exact;
                route-filter 206.29.128.0/20 exact;
                route-filter 64.253.192.0/20 exact;
                route-filter 206.132.144.0/20 exact;
                route-filter 64.27.160.0/20 exact;
                route-filter 64.56.192.0/20 exact;
                route-filter 64.70.96.0/20 exact;
                route-filter 64.79.160.0/20 exact;
                route-filter 208.138.0.0/20 exact;
                route-filter 208.138.176.0/20 exact;
                route-filter 64.89.32.0/20 exact;
                route-filter 64.92.160.0/20 exact;
                route-filter 208.157.128.0/20 exact;
                route-filter 207.189.64.0/20 exact;
                route-filter 206.99.96.0/20 exact;
                route-filter 209.27.32.0/20 exact;
                route-filter 204.188.144.0/20 exact;
                route-filter 63.136.96.0/20 exact;
                route-filter 208.167.208.0/20 exact;
                route-filter 66.119.32.0/20 exact;
                route-filter 208.48.208.0/20 exact;
                route-filter 206.97.32.0/19 exact;
                route-filter 64.209.224.0/19 exact;
                route-filter 199.217.64.0/19 exact;
                route-filter 213.174.192.0/19 exact;
                route-filter 166.63.128.0/19 exact;
                route-filter 206.28.128.0/19 exact;
                route-filter 206.153.64.0/19 exact;
                route-filter 207.50.160.0/19 exact;
                route-filter 205.140.128.0/19 exact;
                route-filter 206.132.0.0/19 exact;
                route-filter 64.209.160.0/19 exact;
                route-filter 208.168.192.0/19 exact;
                route-filter 209.27.0.0/19 exact;
                route-filter 64.15.224.0/19 exact;
                route-filter 64.15.160.0/19 exact;
                route-filter 216.64.192.0/19 exact;
                route-filter 206.40.64.0/19 exact;
                route-filter 206.154.0.0/19 exact;
                route-filter 208.169.96.0/19 exact;
                route-filter 208.175.192.0/19 exact;
                route-filter 206.99.64.0/19 exact;
                route-filter 208.163.0.0/19 exact;
                route-filter 212.124.224.0/19 exact;
                route-filter 208.138.128.0/19 exact;
                route-filter 207.2.64.0/19 exact;
                route-filter 208.166.0.0/19 exact;
                route-filter 206.24.160.0/19 exact;
                route-filter 208.175.160.0/19 exact;
                route-filter 66.37.192.0/19 exact;
                route-filter 206.151.0.0/19 exact;
                route-filter 216.39.64.0/19 exact;
                route-filter 205.217.192.0/19 exact;
                route-filter 216.19.128.0/19 exact;
                route-filter 216.182.192.0/19 exact;
                route-filter 206.128.224.0/19 exact;
                route-filter 216.177.64.0/19 exact;
                route-filter 216.109.64.0/19 exact;
                route-filter 216.104.224.0/19 exact;
                route-filter 209.225.64.0/19 exact;
                route-filter 209.143.224.0/19 exact;
                route-filter 204.188.160.0/19 exact;
                route-filter 206.96.96.0/19 exact;
                route-filter 209.16.192.0/19 exact;
                route-filter 82.118.64.0/19 exact;
                route-filter 206.128.0.0/19 exact;
                route-filter 206.40.128.0/19 exact;
                route-filter 208.132.64.0/19 exact;
                route-filter 64.210.160.0/19 exact;
                route-filter 64.211.224.0/19 exact;
                route-filter 64.22.128.0/19 exact;
                route-filter 64.28.64.0/19 exact;
                route-filter 64.39.32.0/19 exact;
                route-filter 64.58.64.0/19 exact;
                route-filter 64.68.64.0/19 exact;
                route-filter 64.70.64.0/19 exact;
                route-filter 63.136.64.0/19 exact;
                route-filter 208.163.64.0/18 exact;
                route-filter 208.173.128.0/18 exact;
                route-filter 205.140.192.0/18 exact;
                route-filter 206.97.64.0/18 exact;
                route-filter 208.169.0.0/18 exact;
                route-filter 207.50.192.0/18 exact;
                route-filter 209.44.0.0/18 exact;
                route-filter 206.24.192.0/18 exact;
                route-filter 206.99.0.0/18 exact;
                route-filter 208.168.128.0/18 exact;
                route-filter 206.128.128.0/18 exact;
                route-filter 206.151.64.0/18 exact;
                route-filter 206.153.0.0/18 exact;
                route-filter 208.132.0.0/18 exact;
                route-filter 208.48.64.0/18 exact;
                route-filter 208.50.128.0/18 exact;
                route-filter 209.202.128.0/18 exact;
                route-filter 209.225.0.0/18 exact;
                route-filter 208.138.192.0/18 exact;
                route-filter 208.138.64.0/18 exact;
                route-filter 208.157.192.0/18 exact;
                route-filter 205.217.128.0/18 exact;
                route-filter 207.2.0.0/18 exact;
                route-filter 216.74.128.0/18 exact;
                route-filter 66.35.192.0/18 exact;
                route-filter 64.210.192.0/18 exact;
                route-filter 64.85.64.0/18 exact;
                route-filter 206.28.192.0/18 exact;
                route-filter 209.27.64.0/18 exact;
                route-filter 208.167.128.0/18 exact;
                route-filter 64.37.192.0/18 exact;
                route-filter 206.96.0.0/18 exact;
                route-filter 206.29.192.0/18 exact;
                route-filter 206.154.64.0/18 exact;
                route-filter 64.70.0.0/18 exact;
                route-filter 208.131.192.0/18 exact;
                route-filter 63.136.0.0/18 exact;
                route-filter 64.75.0.0/18 exact;
                route-filter 208.166.64.0/18 exact;
                route-filter 209.83.128.0/17 exact;
                route-filter 207.50.0.0/17 exact;
                route-filter 167.216.128.0/17 exact;
                route-filter 146.135.0.0/17 exact;
                route-filter 205.217.0.0/17 exact;
                route-filter 208.168.0.0/17 exact;
                route-filter 206.28.0.0/17 exact;
                route-filter 206.29.0.0/17 exact;
                route-filter 208.169.128.0/17 exact;
                route-filter 206.154.128.0/17 exact;
                route-filter 166.49.0.0/17 exact;
                route-filter 207.2.128.0/17 exact;
                route-filter 206.97.128.0/17 exact;
                route-filter 205.140.0.0/17 exact;
                route-filter 206.153.128.0/17 exact;
                route-filter 208.132.128.0/17 exact;
                route-filter 208.163.128.0/17 exact;
                route-filter 206.96.128.0/17 exact;
                route-filter 208.173.0.0/17 exact;
                route-filter 209.102.0.0/17 exact;
                route-filter 208.175.0.0/17 exact;
                route-filter 63.136.128.0/17 exact;
                route-filter 209.25.0.0/17 exact;
                route-filter 208.157.0.0/17 exact;
                route-filter 208.166.128.0/17 exact;
                route-filter 67.54.0.0/17 exact;
                route-filter 64.41.128.0/17 exact;
                route-filter 209.27.128.0/17 exact;
                route-filter 206.151.128.0/17 exact;
                route-filter 208.167.0.0/17 exact;
                route-filter 204.188.0.0/17 exact;
                route-filter 206.24.0.0/17 exact;
                route-filter 208.131.0.0/17 exact;
                route-filter 216.136.128.0/17 exact;
                route-filter 206.99.128.0/17 exact;
                route-filter 204.189.0.0/16 exact;
                route-filter 206.79.0.0/16 exact;
                route-filter 208.162.0.0/16 exact;
                route-filter 207.82.0.0/16 exact;
                route-filter 207.149.0.0/16 exact;
                route-filter 209.176.0.0/16 exact;
                route-filter 206.142.0.0/16 exact;
                route-filter 205.136.0.0/16 exact;
                route-filter 64.14.0.0/16 exact;
                route-filter 207.124.0.0/16 exact;
                route-filter 207.3.0.0/16 exact;
                route-filter 209.1.0.0/16 exact;
                route-filter 208.156.0.0/16 exact;
                route-filter 206.129.0.0/16 exact;
                route-filter 208.139.0.0/16 exact;
                route-filter 209.223.0.0/16 exact;
                route-filter 209.144.0.0/16 exact;
                route-filter 209.185.0.0/16 exact;
                route-filter 206.98.0.0/16 exact;
                route-filter 206.150.0.0/16 exact;
                route-filter 206.152.0.0/16 exact;
                route-filter 209.67.0.0/16 exact;
                route-filter 206.155.0.0/16 exact;
                route-filter 207.51.0.0/16 exact;
                route-filter 208.130.0.0/16 exact;
                route-filter 63.137.0.0/16 exact;
                route-filter 206.25.0.0/16 exact;
                route-filter 208.133.0.0/16 exact;
                route-filter 165.193.0.0/16 exact;
                route-filter 167.215.0.0/16 exact;
                route-filter 208.172.0.0/16 exact;
                route-filter 205.216.0.0/16 exact;
                route-filter 208.174.0.0/16 exact;
                route-filter 207.48.0.0/15 exact;
                route-filter 208.160.0.0/15 exact;
                route-filter 63.128.0.0/15 exact;
                route-filter 208.164.0.0/15 exact;
                route-filter 204.70.0.0/15 exact;
                route-filter 206.156.0.0/15 exact;
                route-filter 208.158.0.0/15 exact;
                route-filter 208.170.0.0/15 exact;
                route-filter 208.134.0.0/15 exact;
                route-filter 206.30.0.0/15 exact;
                route-filter 208.136.0.0/15 exact;
                route-filter 66.100.0.0/15 exact;
                route-filter 208.128.0.0/15 exact;
                route-filter 205.218.0.0/15 exact;
                route-filter 207.0.0.0/15 exact;
                route-filter 205.138.0.0/15 exact;
                route-filter 206.26.0.0/15 exact;
                route-filter 206.100.0.0/14 exact;
                route-filter 216.88.0.0/14 exact;
                route-filter 64.240.0.0/14 exact;
                route-filter 208.140.0.0/14 exact;
                route-filter 216.32.0.0/14 exact;
                route-filter 208.152.0.0/14 exact;
                route-filter 208.144.0.0/13 exact;
            }
            then accept;
        }
        term two {
            then reject;
        }
    }
    policy-statement deny-all {
        then reject;
    }
    policy-statement set-customer-non-transit-local-pref-US {
        term delete-community {
            then {
                community delete delete-cw-comm;
                next term;
            }
        }
        term comm-70 {
            from community comm-70;
            then {
                local-preference 70;
                community add comm-US-customer;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-80 {
            from community comm-80;
            then {
                local-preference 80;
                community add comm-US-customer;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-90 {
            from community comm-90;
            then {
                local-preference 90;
                community add comm-US-customer;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-100 {
            then {
                local-preference 100;
                community add comm-US-customer;
                community add comm-no-peer;
                next policy;
            }
        }
    }
    policy-statement ddostracking2 {
        from community dos-victim2;
        then destination-class dos-victim2;
    }
    policy-statement ddostracking3 {
        from community dos-victim3;
        then destination-class dos-victim3;
    }
    policy-statement set-customer-private-ASN-non-transit-local-pref {
        term delete-community {
            then {
                community delete delete-cw-comm;
                next term;
            }
        }
        term comm-70 {
            from community comm-70;
            then {
                local-preference 70;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-80 {
            from community comm-80;
            then {
                local-preference 80;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-90 {
            from community comm-90;
            then {
                local-preference 90;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-100 {
            then {
                local-preference 100;
                community add comm-no-peer;
                next policy;
            }
        }
    }
    policy-statement set-customer-private-ASN-local-pref {
        term delete-community {
            then {
                community delete delete-cw-comm;
                next term;
            }
        }
        term comm-70 {
            from community comm-70;
            then {
                local-preference 70;
                next policy;
            }
        }
        term comm-80 {
            from community comm-80;
            then {
                local-preference 80;
                next policy;
            }
        }
        term comm-90 {
            from community comm-90;
            then {
                local-preference 90;
                next policy;
            }
        }
        term comm-100 {
            then {
                local-preference 100;
                next policy;
            }
        }
    }
    policy-statement export-customer-routes-GB {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-GB-customer;
            then {
                community delete comm-wild;
                accept;
            }
        }
        term comm-peer {
            from community [ comm-peer comm-customer ];
            then reject;
        }
        then {
            community delete comm-wild;
            next policy;
        }
    }
    policy-statement export-customer-routes-GB-comm {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-GB-customer;
            then accept;
        }
        term comm-peer {
            from community [ comm-peer comm-customer ];
            then reject;
        }
        then next policy;
    }
    policy-statement set-customer-local-pref-GB {
        term delete-community {
            then {
                community delete delete-cw-comm;
                next term;
            }
        }
        term comm-70 {
            from community comm-70;
            then {
                local-preference 70;
                community add comm-GB-customer;
                next policy;
            }
        }
        term comm-80 {
            from community comm-80;
            then {
                local-preference 80;
                community add comm-GB-customer;
                next policy;
            }
        }
        term comm-90 {
            from community comm-90;
            then {
                local-preference 90;
                community add comm-GB-customer;
                next policy;
            }
        }
        term comm-100 {
            then {
                local-preference 100;
                community add comm-GB-customer;
                next policy;
            }
        }
    }
    policy-statement export-customer-routes-REU {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-REU-customer;
            then {
                community delete comm-wild;
                accept;
            }
        }
        term comm-peer {
            from community [ comm-peer comm-customer ];
            then reject;
        }
        then {
            community delete comm-wild;
            next policy;
        }
    }
    policy-statement export-customer-routes-REU-comm {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-customer {
            from community comm-REU-customer;
            then accept;
        }
        term comm-peer {
            from community [ comm-peer comm-customer ];
            then reject;
        }
        then next policy;
    }
    policy-statement set-peer-local-pref-100-REU {
        then {
            local-preference 100;
            community set comm-REU-peer;
        }
    }
    policy-statement set-peer-local-pref-REU {
        then {
            metric 128;
            local-preference 80;
            community set comm-REU-peer;
        }
    }
    policy-statement set-customer-non-transit-local-pref-GB {
        term delete-community {
            then {
                community delete delete-cw-comm;
                next term;
            }
        }
        term comm-70 {
            from community comm-70;
            then {
                local-preference 70;
                community add comm-GB-customer;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-80 {
            from community comm-80;
            then {
                local-preference 80;
                community add comm-GB-customer;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-90 {
            from community comm-90;
            then {
                local-preference 90;
                community add comm-GB-customer;
                community add comm-no-peer;
                next policy;
            }
        }
        term comm-100 {
            then {
                local-preference 100;
                community add comm-GB-customer;
                community add comm-no-peer;
                next policy;
            }
        }
    }
    policy-statement announce-local {
        term reject-default {
            from {
                route-filter 0.0.0.0/0 exact;
            }
            then reject;
        }
        term announce-local {
            from {
                route-filter 213.174.192.0/25 exact;
                route-filter 213.174.192.208/29 exact;
                route-filter 213.174.192.216/29 exact;
                route-filter 213.174.193.0/28 exact;
                route-filter 213.174.195.0/26 exact;
                route-filter 213.174.195.112/28 exact;
                route-filter 213.174.195.128/28 exact;
                route-filter 213.174.195.176/28 exact;
                route-filter 213.174.195.224/28 exact;
                route-filter 213.174.196.0/28 exact;
                route-filter 213.174.196.16/28 exact;
                route-filter 213.174.196.32/28 exact;
                route-filter 213.174.196.64/28 exact;
                route-filter 213.174.196.96/28 exact;
                route-filter 213.174.196.160/28 exact;
                route-filter 213.174.196.176/28 exact;
                route-filter 213.174.196.224/29 exact;
                route-filter 213.174.196.240/28 exact;
                route-filter 213.174.198.0/27 exact;
                route-filter 213.174.198.32/27 exact;
                route-filter 213.174.198.64/27 exact;
                route-filter 213.174.198.192/29 exact;
                route-filter 213.174.198.208/28 exact;
                route-filter 213.174.198.240/29 exact;
                route-filter 213.174.199.0/27 exact;
                route-filter 213.174.199.64/27 exact;
                route-filter 213.174.199.96/28 exact;
                route-filter 213.174.199.128/29 exact;
                route-filter 213.174.199.144/29 exact;
                route-filter 213.174.199.160/27 exact;
                route-filter 213.174.200.0/28 exact;
                route-filter 213.174.200.80/28 exact;
                route-filter 213.174.200.128/29 exact;
                route-filter 213.174.200.144/28 exact;
                route-filter 213.174.200.192/27 exact;
                route-filter 213.174.201.96/28 exact;
                route-filter 213.174.201.128/25 exact;
                route-filter 213.174.202.160/27 exact;
                route-filter 213.174.205.0/24 exact;
                route-filter 213.174.207.116/32 exact;
                route-filter 213.174.198.128/27 exact;
                route-filter 213.174.199.224/27 exact;
                route-filter 213.174.195.64/29 exact;
                route-filter 213.174.202.128/27 exact;
                route-filter 213.174.197.176/28 exact;
                route-filter 213.174.200.32/28 exact;
                route-filter 213.174.202.0/25 exact;
                route-filter 212.124.244.0/26 exact;
                route-filter 165.193.172.72/30 exact;
                route-filter 213.174.195.72/29 exact;
                route-filter 213.174.192.144/28 exact;
                route-filter 213.174.200.224/28 exact;
                route-filter 213.174.203.224/27 exact;
                route-filter 213.174.196.232/29 exact;
                route-filter 206.24.172.80/30 exact;
                route-filter 213.174.197.240/28 exact;
                route-filter 213.174.197.0/25 exact;
                route-filter 212.117.224.192/26 exact;
                route-filter 213.174.198.252/32 exact;
                route-filter 213.174.198.253/32 exact;
                route-filter 212.124.227.48/28 exact;
                route-filter 212.124.251.160/28 exact;
                route-filter 82.118.66.0/24 exact;
                route-filter 82.118.67.0/24 exact;
                route-filter 82.118.65.112/28 exact;
                route-filter 213.174.199.48/29 exact;
                route-filter 82.118.65.192/26 exact;
                route-filter 82.118.71.0/27 exact;
                route-filter 82.118.95.96/27 exact;
                route-filter 212.124.251.176/28 exact;
                route-filter 213.174.200.16/28 exact;
                route-filter 212.117.224.0/26 exact;
                route-filter 212.124.226.88/29 exact;
                route-filter 82.118.71.64/26 exact;
                route-filter 213.174.198.192/28 exact;
                route-filter 206.24.172.144/28 exact;
                route-filter 82.118.70.0/24 exact;
                route-filter 82.118.65.104/29 exact;
                route-filter 82.118.65.96/29 exact;
                route-filter 212.124.252.112/28 exact;
                route-filter 212.124.253.32/28 exact;
                route-filter 206.24.172.192/26 exact;
                route-filter 206.24.172.128/30 exact;
                route-filter 206.24.172.132/30 exact;
                route-filter 206.24.172.136/30 exact;
                route-filter 212.124.227.160/27 exact;
                route-filter 212.124.239.192/27 exact;
                route-filter 212.117.224.112/28 exact;
                route-filter 212.124.240.0/28 exact;
                route-filter 216.219.74.0/23 exact;
                route-filter 212.124.240.176/28 exact;
                route-filter 212.124.236.32/29 exact;
                route-filter 212.124.224.64/28 exact;
                route-filter 212.124.241.208/28 exact;
                route-filter 213.174.193.128/27 exact;
                route-filter 212.124.241.240/28 exact;
                route-filter 213.174.192.0/19 exact;
            }
            then {
                next-hop self;
                accept;
            }
        }
        term backup-static {
            from {
                route-filter 213.174.195.80/28 exact;
                route-filter 213.174.196.128/28 exact;
                route-filter 213.174.196.192/28 exact;
                route-filter 213.174.197.208/28 exact;
                route-filter 213.174.200.96/28 exact;
                route-filter 213.174.201.0/28 exact;
                route-filter 213.174.201.32/32 exact;
                route-filter 213.174.201.64/32 exact;
                route-filter 213.174.202.192/27 exact;
                route-filter 213.174.202.224/28 exact;
                route-filter 213.174.197.128/27 exact;
                route-filter 192.168.0.1/32 exact;
            }
            then {
                local-preference 90;
                next-hop self;
                accept;
            }
        }
        from {
            route-filter 213.174.203.192/28 exact;
            route-filter 213.174.198.184/29 exact;
            route-filter 213.174.198.160/28 exact;
            route-filter 213.174.196.112/28 exact;
            route-filter 213.174.198.176/29 exact;
        }
    }
    policy-statement deny-default {
        term one {
            from {
                route-filter 0.0.0.0/0 exact reject;
            }
        }
    }
    policy-statement isis-tag {
        term one {
            from {
                protocol isis;
                tag 120;
            }
            then accept;
        }
        term two {
            then reject;
        }
    }
    policy-statement redistribute-direct {
        term one {
            from protocol direct;
            then accept;
        }
        then reject;
    }
    policy-statement AS65530-DDoS {
        term accept-DDoS {
            from {
                community dos-victim1;
                route-filter 165.193.172.96/27 orlonger;
            }
            then {
                local-preference 100;
                community delete delete-cw-comm;
                next-hop 206.24.194.51;
                accept;
            }
        }
        term next-policy {
            then next policy;
        }
    }
    policy-statement AS65530 {
        term accept-prefix {
            from {
                route-filter 165.193.172.96/27 exact accept;
            }
            then accept;
        }
        term reject-rest {
            then reject;
        }
    }
    policy-statement set-comm-shasta {
        term cntx04 {
            from as-path shasta-cntx04;
            then {
                community set comm-shasta-cntx04;
                next policy;
            }
        }
        term shasta-cntx11 {
            from as-path shasta-cntx11;
            then {
                community set comm-shasta-cntx11;
                next policy;
            }
        }
        term shasta-cntx12 {
            from as-path shasta-cntx12;
            then {
                community set comm-shasta-cntx12;
                next policy;
            }
        }
        term shasta-cntx13 {
            from as-path shasta-cntx13;
            then {
                community set comm-shasta-cntx13;
                next policy;
            }
        }
        term shasta-cntx14 {
            from as-path shasta-cntx14;
            then {
                community set comm-shasta-cntx14;
                next policy;
            }
        }
        term shasta-cntx32 {
            from as-path shasta-cntx32;
            then {
                community set comm-shasta-cntx32;
                next policy;
            }
        }
    }
    policy-statement prefix-shasta {
        term 10 {
            from {
                route-filter 82.118.93.0/24 orlonger;
                route-filter 212.124.236.48/28 exact;
            }
            then {
                damping none;
                accept;
            }
        }
        then reject;
    }
    policy-statement block-general-ldp-routes {
        term one {
            from {
                route-filter 208.174.15.0/24 orlonger;
                route-filter 209.83.159.0/24 orlonger;
            }
            then accept;
        }
        term two {
            then reject;
        }
    }
    policy-statement export-sec-loopback {
        term one {
            from {
                route-filter 208.174.15.156/32 exact;
            }
            then accept;
        }
        term two {
            then reject;
        }
    }
    policy-statement DDoS {
        term accept-DDoS {
            from community dos-victim1;
            then {
                local-preference 100;
                community delete delete-cw-comm;
                next-hop 206.24.194.51;
                accept;
            }
        }
        term next-policy {
            then next policy;
        }
    }
    policy-statement export-peer-routes {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-peer {
            from community comm-peer;
            then {
                community delete comm-wild;
                accept;
            }
        }
        term comm-customer {
            from community comm-customer;
            then reject;
        }
        then reject;
    }
    policy-statement export-peer-routes-comm {
        term AS4293 {
            from {
                as-path as4293-routes;
                policy find-specifics;
            }
            then reject;
        }
        term comm-peer {
            from community comm-peer;
            then accept;
        }
        term comm-customer {
            from community comm-customer;
            then reject;
        }
        then reject;
    }
    community AS2828-0 members 3561:30030;
    community AS2828-1 members 3561:30031;
    community AS2828-2 members 3561:30032;
    community AS2828-3 members 3561:30033;
    community AS2828-9 members 3561:30039;
    community comm-70 members 3561:70;
    community comm-80 members 3561:80;
    community comm-90 members 3561:90;
    community comm-GB-customer members 3561:12826;
    community comm-REU-customer members 3561:12...;
    community comm-REU-peer members 3561:22000;
    community comm-RNA-customer members 3561:11...;
    community comm-RNA-peer members 3561:21000;
    community comm-US-customer members 3561:11840;
    community comm-announce-only members 3561:30..9;
    community comm-customer members 3561:1....;
    community comm-no-export members no-export;
    community comm-no-peer members 3561:30000;
    community comm-peer members 3561:2....;
    community comm-shasta-cntx04 members 3561:65090;
    community comm-shasta-cntx11 members 3561:65091;
    community comm-shasta-cntx12 members 3561:65092;
    community comm-shasta-cntx13 members 3561:65093;
    community comm-shasta-cntx14 members 3561:65094;
    community comm-shasta-cntx32 members 3561:65095;
    community comm-wild members *:*;
    community delete-cw-comm members [ 3561:1.* 3561:2.* 3561:700 3561:701 ];
    community dos-victim1 members 3561:666;
    community dos-victim2 members 3561:700;
    community dos-victim3 members 3561:701;
    community guard-DDoS members 3561:6157;
    as-path private-as ".* 64512-65535+ .*";
    as-path swamp ".*(174|209|701|702|1239|1299|1668|2828|2914|3257|3300|3320|3356|3549|5511|6461|6762|7018|7132|8220).*";
    as-path as4293-routes ".*(4293|64512-65535).*";
    as-path shasta-cntx04 65090;
    as-path shasta-cntx11 65091;
    as-path shasta-cntx12 65092;
    as-path shasta-cntx13 65093;
    as-path shasta-cntx14 65094;
    as-path shasta-cntx32 65095;
    damping cisco {
        reuse 1500;
        suppress 4001;
    }
    damping none {
        disable;
    }
}
firewall {
    policer limit-ssh {
        if-exceeding {
            bandwidth-limit 5m;
            burst-size-limit 15k;
        }
        then discard;
    }
    policer limit-snmp {
        if-exceeding {
            bandwidth-limit 1m;
            burst-size-limit 15k;
        }
        then discard;
    }
    policer limit-udp {
        if-exceeding {
            bandwidth-limit 2m;
            burst-size-limit 15k;
        }
        then discard;
    }
    policer limit-ntp {
        if-exceeding {
            bandwidth-limit 500k;
            burst-size-limit 15k;
        }
        then discard;
    }
    policer limit-syn {
        if-exceeding {
            bandwidth-limit 1m;
            burst-size-limit 15k;
        }
        then discard;
    }
    policer limit-traceroutes {
        if-exceeding {
            bandwidth-limit 1m;
            burst-size-limit 15k;
        }
        then discard;
    }
    policer limit-ddos {
        if-exceeding {
            bandwidth-limit 2m;
            burst-size-limit 15k;
        }
        then discard;
    }
    policer limit-icmp {
        if-exceeding {
            bandwidth-limit 20m;
            burst-size-limit 2m;
        }
        then discard;
    }
    policer limit-management {
        if-exceeding {
            bandwidth-limit 5m;
            burst-size-limit 1m;
        }
        then discard;
    }
    filter deny-non-routable {
        term block_nonroutable {
            from {
                source-prefix-list {
                    non-routable-list;
                }
            }
            then {
                count non-routable-packets;
                discard;
            }
        }
        term first {
            then {
                count cflowd-stat;
                sample;
                next term;
            }
        }
        term last {
            then accept;
        }
    }
    filter ACL10 {
        term NTP_accept {
            from {
                source-prefix-list {
                    ntp-list;
                }
                protocol udp;
                port ntp;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term BGP_SYN_accept {
            from {
                source-prefix-list {
                    bgp-list;
                }
                protocol tcp;
                port bgp;
                tcp-initial;
            }
            then {
                policer limit-syn;
                accept;
            }
        }
        term BGP_accept {
            from {
                source-prefix-list {
                    bgp-list;
                }
                protocol tcp;
                port bgp;
            }
            then accept;
        }
        term SSH_accept {
            from {
                source-prefix-list {
                    core-list;
                    host-list;
                }
                protocol tcp;
                port ssh;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term SSH_deny {
            from {
                protocol tcp;
                port ssh;
            }
            then {
                count SSH_deny;
                syslog;
                discard;
            }
        }
        term SNMP_accept {
            from {
                source-prefix-list {
                    snmp-list;
                }
                protocol udp;
                port snmp;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term MSDP_accept {
            from {
                source-prefix-list {
                    msdp-list;
                }
                protocol tcp;
                port [ 639 679 ];
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term LDP_accept {
            from {
                source-prefix-list {
                    ldp-list;
                }
                protocol [ tcp udp ];
                port ldp;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term DNS_accept {
            from {
                source-prefix-list {
                    dns-list;
                }
                protocol udp;
                port 53;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term RADIUS_accept {
            from {
                source-prefix-list {
                    radius-list;
                }
                protocol [ udp tcp ];
                source-port radius;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term IGMP_accept {
            from {
                destination-address {
                    224.0.0.0/24;
                }
                protocol igmp;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term VRRP_accept {
            from {
                destination-address {
                    224.0.0.18/32;
                }
                protocol vrrp;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term RIP_accept {
            from {
                destination-address {
                    224.0.0.9/32;
                }
                protocol udp;
                port 520;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term OSPF_accept {
            from {
                protocol ospf;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term PIM {
            from {
                protocol pim;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term RSVP {
            from {
                protocol rsvp;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term no-ICMP-source-quench {
            from {
                protocol icmp;
                icmp-type source-quench;
            }
            then {
                discard;
            }
        }
        term ICMP {
            from {
                protocol icmp;
            }
            then {
                policer limit-icmp;
                accept;
            }
        }
        term traceroutes {
            from {
                protocol udp;
                destination-port 33434-33523;
            }
            then {
                policer limit-management;
                accept;
            }
        }
        term everything-else {
            then {
                count deny_everything;
                syslog;
                discard;
            }
        }
        term TELNET_deny {
            from {
                protocol tcp;
                port telnet;
            }
            then {
                count TELNET_deny;
                syslog;
                discard;
            }
        }
        term LDP_need_to_fix {
            from {
                protocol [ tcp udp ];
                port ldp;
            }
            then {
                policer limit-management;
                count LDP_bogus;
                syslog;
                accept;
            }
        }
    }
    filter IDS-ZYNAPCOLO-TO-NET-ANTI-SPOOF {
        term Permit-Established {
            from {
                source-address {
                    213.174.199.208/29;
                }
                tcp-established;
            }
            then {
                count tcp-established;
                accept;
            }
        }
        term Permit-112 {
            from {
                source-address {
                    213.174.199.208/29;
                }
                destination-address {
                    224.0.0.0/24;
                }
                protocol 112;
            }
            then {
                count Multi;
                accept;
            }
        }
        term Permit-563x {
            from {
                source-address {
                    213.174.199.208/29;
                }
                destination-address {
                    62.55.0.0/16;
                    80.177.32.8/29;
                    212.124.224.56/29;
                }
                protocol [ udp tcp ];
                port 5631-5632;
            }
            then {
                count 563x;
                accept;
            }
        }
        term Permit-WWW {
            from {
                source-address {
                    213.174.199.208/29;
                }
                protocol tcp;
                port http;
            }
            then {
                count WWW;
                accept;
            }
        }
        term Deny-SNMP {
            from {
                source-address {
                    213.174.199.208/29;
                }
                destination-address {
                    213.174.199.208/29;
                }
                protocol [ udp tcp ];
                port [ 161 162 ];
            }
            then {
                count SNMP;
                reject;
            }
        }
        term Permit-Destinations {
            from {
                source-address {
                    213.174.199.208/29;
                }
                destination-address {
                    213.174.199.208/29;
                }
            }
            then {
                count Permitted;
                accept;
            }
        }
        term Permit-ntp {
            from {
                source-address {
                    213.174.199.208/29;
                }
                destination-address {
                    213.174.195.20/31;
                }
                protocol udp;
                port ntp;
            }
            then {
                count NTP;
                accept;
            }
        }
        term Permit-DNS {
            from {
                source-address {
                    213.174.199.208/29;
                }
                destination-address {
                    213.174.195.20/30;
                }
                protocol [ udp tcp ];
                port domain;
            }
            then {
                count DNS;
                accept;
            }
        }
        term Permit-Multi2 {
            from {
                source-address {
                    213.174.199.208/29;
                }
                destination-address {
                    224.0.0.0/24;
                }
                protocol udp;
            }
            then {
                count MULTI2;
                accept;
            }
        }
        term Permit-Ftp {
            from {
                source-address {
                    213.174.199.208/29;
                }
                protocol tcp;
                port ftp-data;
            }
            then {
                count FTP;
                accept;
            }
        }
        term Deny-ALL {
            then {
                count Denied;
                reject;
            }
        }
    }
    filter NET-TO-IDS-ZYNAPCOLO-ANTI-SPOOF {
        term Permit-Established {
            from {
                tcp-established;
            }
            then {
                count tcp-established;
                accept;
            }
        }
        term Permit-563x {
            from {
                source-address {
                    62.55.0.0/16;
                    80.177.32.8/29;
                    212.124.224.56/29;
                }
                destination-address {
                    213.174.199.208/29;
                }
                protocol [ udp tcp ];
                port 5631-5632;
            }
            then {
                count 563x;
                accept;
            }
        }
        term Permit-Various-TCP {
            from {
                destination-address {
                    213.174.199.208/29;
                }
                protocol tcp;
                port [ 389 522 4000 4001 smtp ftp 2000 2001 3389 http 443 ];
            }
            then {
                count various;
                accept;
            }
        }
        term Permit-Various-UDP {
            from {
                destination-address {
                    213.174.199.208/29;
                }
                protocol udp;
                port [ domain ntp 30000-65535 ];
            }
            then {
                count UDP;
                accept;
            }
        }
        term Permit-ICMP {
            from {
                source-address {
                    10.83.251.20/30;
                }
                destination-address {
                    213.174.199.208/29;
                }
                protocol icmp;
            }
            then {
                count ICMP;
                accept;
            }
        }
        term Deny-ALL {
            then {
                count denied;
                reject;
            }
        }
    }
    filter IDS-BANDQCOLO-TO-NET-ANTI-SPOOF {
        term one {
            from {
                tcp-established;
            }
            then accept;
        }
        term two {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    10.83.54.160/29;
                }
                protocol udp;
                port [ snmp snmptrap ];
            }
            then {
                count snmp-snmptrap;
                discard;
            }
        }
        term three {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    10.83.54.160/29;
                }
                protocol tcp;
                port [ 161 162 ];
            }
            then {
                count 161-162;
                discard;
            }
        }
        term four {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    213.174.195.20/30;
                }
                protocol udp;
                port domain;
            }
            then accept;
        }
        term five {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    213.174.195.20/30;
                }
                protocol udp;
                source-port domain;
                destination-port [ 1023-65530 1023-65535 ];
            }
            then accept;
        }
        term six {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    213.174.195.20/31;
                }
                protocol udp;
                port ntp;
            }
            then accept;
        }
        term seven {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    213.174.195.20/31;
                }
                protocol udp;
                source-port ntp;
                destination-port 1023-65535;
            }
            then accept;
        }
        term eight {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    224.0.0.0/24;
                }
                protocol udp;
            }
            then accept;
        }
        term nine {
            from {
                source-address {
                    10.83.54.160/29;
                }
                destination-address {
                    10.83.54.160/29;
                }
            }
            then accept;
        }
        term ten {
            from {
                source-address {
                    10.83.54.160/29;
                }
            }
            then accept;
        }
        term eleven {
            from {
                source-address {
                    213.174.195.64/29;
                }
            }
            then accept;
        }
        term twelve {
            from {
                source-address {
                    213.174.202.128/27;
                }
            }
            then accept;
        }
        term thirteen {
            then {
                discard;
            }
        }
    }
    filter NET-TO-IDS-INEXTCOLO-ANTI-SPOOF {
        term one {
            from {
                tcp-established;
            }
            then accept;
        }
        term two {
            from {
                source-address {
                    213.174.195.20/30;
                }
                destination-address {
                    213.174.199.112/29;
                }
                protocol udp;
                port domain;
            }
            then accept;
        }
        term three {
            from {
                source-address {
                    213.174.195.20/30;
                }
                destination-address {
                    213.174.199.112/29;
                }
                protocol udp;
                source-port domain;
                destination-port 1023-65535;
            }
            then accept;
        }
        term four {
            from {
                source-address {
                    213.174.195.20/31;
                }
                destination-address {
                    213.174.199.112/29;
                }
                port ntp;
            }
            then accept;
        }
        term five {
            from {
                source-address {
                    213.174.195.20/31;
                }
                destination-address {
                    213.174.199.112/29;
                }
                protocol udp;
                source-port ntp;
                destination-port 1023-65535;
            }
            then accept;
        }
        term six {
            from {
                destination-address {
                    213.174.199.112/29;
                }
            }
            then accept;
        }
        term seven {
            from {
                destination-address {
                    213.174.199.224/27;
                }
            }
            then accept;
        }
        term eight {
            from {
                destination-address {
                    213.174.198.128/27;
                }
            }
            then accept;
        }
        term nine {
            then {
                discard;
            }
        }
    }
    filter IDS-INCHCAPECOLO-TO-NET-ANTI-SPOOF {
        term one {
            from {
                tcp-established;
            }
            then {
                count tcp-established;
                accept;
            }
        }
        term two {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    224.0.0.0/24;
                }
                port 112;
            }
            then {
                count 112;
                accept;
            }
        }
        term three {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    213.174.203.0/26;
                }
                protocol udp;
                port [ snmp snmptrap ];
            }
            then {
                count snmp-snmptrap;
                discard;
            }
        }
        term four {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    213.174.203.0/26;
                }
                protocol tcp;
                port [ 161 162 ];
            }
            then {
                count 161-162;
                discard;
            }
        }
        term five {
            from {
                destination-address {
                    213.174.203.0/26;
                }
                protocol udp;
                port domain;
            }
            then {
                count domain;
                accept;
            }
        }
        term six {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    213.174.195.20/30;
                }
                protocol udp;
                source-port domain;
                destination-port 1023-65535;
            }
            then {
                count domain-to-1023-65535;
                accept;
            }
        }
        term seven {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    213.174.195.20/30;
                }
                protocol udp;
                port ntp;
            }
            then {
                count ntp;
                accept;
            }
        }
        term eight {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    213.174.195.20/30;
                }
                protocol udp;
                source-port ntp;
                destination-port 1023-65535;
            }
            then {
                count ntp-to-1023-65535;
                accept;
            }
        }
        term nine {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    224.0.0.0/24;
                }
                protocol udp;
            }
            then {
                count udp;
                accept;
            }
        }
        term ten {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    213.174.203.0/26;
                }
            }
            then {
                count ip;
                accept;
            }
        }
        term eleven {
            from {
                source-address {
                    213.174.203.0/26;
                }
                destination-address {
                    0.0.0.0/0;
                }
            }
            then {
                count ip-any;
                accept;
            }
        }
        term twelve {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    0.0.0.0/0;
                }
            }
            then {
                count discard;
                discard;
            }
        }
    }
    filter ACL109 {
        term one {
            from {
                tcp-established;
            }
            then {
                count tcp-established;
                accept;
            }
        }
        term two {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.194.0/26;
                }
                protocol esp;
            }
            then {
                count esp;
                accept;
            }
        }
        term three {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.194.0/26;
                }
                protocol ah;
            }
            then {
                count ah;
                accept;
            }
        }
        term four {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.194.0/26;
                }
                protocol udp;
                source-port 1531;
                destination-port 500;
            }
            then {
                count isakmp;
                accept;
            }
        }
        term five {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.194.0/26;
                }
                protocol udp;
                port 10001;
            }
            then {
                count 10001;
                accept;
            }
        }
        term six {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.194.0/26;
                }
                protocol gre;
            }
            then {
                count gre;
                accept;
            }
        }
        term seven {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.194.0/26;
                }
                protocol tcp;
                port 1723;
            }
            then {
                count 1723;
                accept;
            }
        }
        term eight {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.194.0/26;
                }
                protocol icmp;
            }
            then {
                count icmp;
                accept;
            }
        }
        term nine {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    0.0.0.0/0;
                }
            }
            then {
                count deny-all;
                discard;
            }
        }
    }
    filter NET-TO-IDS-INCHCAPECOLO-ANTI-SPOOF {
        term one {
            from {
                tcp-established;
            }
            then {
                count tcp-established;
                accept;
            }
        }
        term two {
            from {
                source-address {
                    213.174.195.20/30;
                }
                destination-address {
                    213.174.203.0/26;
                }
                protocol udp;
                port domain;
            }
            then {
                count domain;
                accept;
            }
        }
        term three {
            from {
                source-address {
                    213.174.195.20/30;
                }
                destination-address {
                    213.174.203.0/26;
                }
                protocol udp;
                source-port domain;
                destination-port 1023-65535;
            }
            then {
                count domain-to-1023-65535;
                accept;
            }
        }
        term four {
            from {
                source-address {
                    213.174.195.20/30;
                }
                destination-address {
                    213.174.203.0/26;
                }
                protocol udp;
                port ntp;
            }
            then {
                count ntp;
                accept;
            }
        }
        term five {
            from {
                source-address {
                    213.174.195.20/30;
                }
                destination-address {
                    213.174.203.0/26;
                }
                protocol udp;
                source-port ntp;
                destination-port 1023-65535;
            }
            then {
                count ntp-to-1023-65535;
                accept;
            }
        }
        term six {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    213.174.203.0/26;
                }
            }
            then {
                count ip-any;
                accept;
            }
        }
        term seven {
            from {
                source-address {
                    0.0.0.0/0;
                }
                destination-address {
                    0.0.0.0/0;
                }
            }
            then {
                count discard;
                discard;
            }
        }
    }
    filter IDS-INEXTCOLO-TO-NET-ANTI-SPOOF {
        term one {
            from {
                tcp-established;
            }
            then accept;
        }
        term two {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    224.0.0.0/24;
                }
                protocol 112;
            }
            then accept;
        }
        term three {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    213.174.199.112/29;
                }
                protocol udp;
                port [ snmp snmptrap ];
            }
            then {
                discard;
            }
        }
        term four {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    213.174.199.112/29;
                }
                protocol tcp;
                port [ 161 162 ];
            }
            then {
                discard;
            }
        }
        term five {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    213.174.195.20/30;
                }
                protocol udp;
                port domain;
            }
            then accept;
        }
        term six {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    213.174.195.20/30;
                }
                source-port domain;
                destination-port 1023-65535;
            }
            then accept;
        }
        term seven {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    213.174.195.20/31;
                }
                protocol udp;
                port ntp;
            }
            then accept;
        }
        term eight {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    213.174.195.20/31;
                }
                protocol udp;
                source-port ntp;
                destination-port 1023-65535;
            }
            then accept;
        }
        term nine {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    224.0.0.0/24;
                }
                protocol udp;
            }
            then accept;
        }
        term ten {
            from {
                source-address {
                    213.174.199.112/29;
                }
                destination-address {
                    213.174.199.112/29;
                }
            }
            then accept;
        }
        term eleven {
            from {
                source-address {
                    213.174.199.112/29;
                }
            }
            then accept;
        }
        term twelve {
            from {
                source-address {
                    213.174.199.224/27;
                }
            }
            then accept;
        }
        term thirteen {
            from {
                source-address {
                    213.174.198.128/27;
                }
            }
            then accept;
        }
        term fourteen {
            from {
                destination-address {
                    213.174.199.114/32;
                }
                protocol tcp;
                destination-port 445;
            }
            then {
                discard;
            }
        }
        term fifteen {
            then {
                discard;
            }
        }
    }
    filter uklond6_01_cntx04_egress {
        term udp {
            from {
                protocol udp;
            }
            then {
                count udp;
                accept;
            }
        }
        term icmp {
            from {
                protocol icmp;
            }
            then {
                count icmp;
                accept;
            }
        }
        term protocol_0 {
            from {
                protocol 0;
            }
            then {
                count protocol_0;
                accept;
            }
        }
        term protocol_255 {
            from {
                protocol 255;
            }
            then {
                count protocol_255;
                accept;
            }
        }
        term port_135 {
            from {
                protocol tcp;
                port 135;
            }
            then {
                count port_135;
                accept;
            }
        }
        term port_137 {
            from {
                protocol tcp;
                port 137;
            }
            then {
                count port_137;
                accept;
            }
        }
        term port_139 {
            from {
                protocol tcp;
                port 139;
            }
            then {
                count port_139;
                accept;
            }
        }
        term port_445 {
            from {
                protocol tcp;
                port 445;
            }
            then {
                count port_445;
                accept;
            }
        }
        term port_1433 {
            from {
                protocol tcp;
                port 1433;
            }
            then {
                count port_1433;
                accept;
            }
        }
        term port_1434 {
            from {
                protocol tcp;
                port 1434;
            }
            then {
                count port_1434;
                accept;
            }
        }
        term tcp_syn {
            from {
                tcp-initial;
            }
            then {
                count tcp-initial;
                accept;
            }
        }
        term everything_else {
            then {
                count the_rest;
                accept;
            }
        }
    }
    filter uklond6_01_cntx04_ingress {
        term udp {
            from {
                protocol udp;
            }
            then {
                count udp;
                accept;
            }
        }
        term icmp {
            from {
                protocol icmp;
            }
            then {
                count icmp;
                accept;
            }
        }
        term protocol_0 {
            from {
                protocol 0;
            }
            then {
                count protocol_0;
                accept;
            }
        }
        term protocol_255 {
            from {
                protocol 255;
            }
            then {
                count protocol_255;
                accept;
            }
        }
        term port_135 {
            from {
                protocol tcp;
                port 135;
            }
            then {
                count port_135;
                accept;
            }
        }
        term port_137 {
            from {
                protocol tcp;
                port 137;
            }
            then {
                count port_137;
                accept;
            }
        }
        term port_139 {
            from {
                protocol tcp;
                port 139;
            }
            then {
                count port_139;
                accept;
            }
        }
        term port_445 {
            from {
                protocol tcp;
                port 445;
            }
            then {
                count port_445;
                accept;
            }
        }
        term port_1433 {
            from {
                protocol tcp;
                port 1433;
            }
            then {
                count port_1433;
                accept;
            }
        }
        term port_1434 {
            from {
                protocol tcp;
                port 1434;
            }
            then {
                count port_1434;
                accept;
            }
        }
        term tcp_syn {
            from {
                tcp-initial;
            }
            then {
                count tcp-initial;
                accept;
            }
        }
        term everything_else {
            then {
                count the_rest;
                accept;
            }
        }
    }
    filter cflowd {
        term cflowd-sample {
            then {
                count cflowd-stat;
                sample;
                accept;
            }
        }
    }
}