Write two simple .ZYSH CLI shell scripts for "Zyxel USG 50"
1) Script one must do these 3 things =resulting normally in 3 lines of code in config fil per EaCH rule affected/change by it. So, for the section for: "IDP"-section:
A) Activate **all** the IDP rules
B) Action is to "drop" connection
C) "Log and alert"
Script 2 must in "App patrol" section:
A) change "forward" to "drop" for *all* the 680 signatures (and also the 1400 "Network protocols")
B) "Log and Alert"
Scripts must not be obfuscated in any way and must be clearly readable and ready to use simply double-clinin on tehm
3) Need a list of these ***names of protocols*** that:
A1) Protocol names that **MUST** keep status "forward" in USG so I can connect to it - and USG can connnect out to teh internet (But NOT lsiten to anything - at all. So, no listen to Microsoft, Avast,and all theo other socalled security companies).
A2) "Names of protocls" that **must** keep status "forwarded" for internet access work nomally for this simple configuration need below - for 1 user.
A) Acccess to inrnernet with IE Explorer latest version. Windows 7 ms sp1. Thats it.
B) No Listen to anything from Internet (No software updates, no chatter tweetertwiiter, no fb, no torrent, nothign, NO remote connectionto any type of music, games, sports, TV - or any type of fun ...at all.). Only connections from INSIDE and OUT must be allowed.
C) No SSH, TSL, Telnet, Ingen VOIP, Ungen IM, UInge ting andet end det alleredde skrevet. No TLC.
Its importnat that logs reflects with any block for the "NUMBER" of the BLOCK/SIGNATURE because otherwise I cant find it and un-block a rule i case that rule gave me/gives me many problems.