Sec
set security zones security-zone PUBLIC interfaces ge-0/0/1.100 set security zones security-zone TRUST interfaces ge-0/0/1.200 set security zones security-zone DMZ interfaces ge-0/0/1.300 set security nat source pool NAT-POOL-X address 2.1.X.100/32 set security nat source rule-set NAT-RULE-X from zone TRUST set security nat source rule-set NAT-RULE-X to zone PUBLIC set security nat source rule-set NAT-RULE-X rule RULE-1X match source-address 10.10.X.0/24 set security nat source rule-set NAT-RULE-X rule RULE-1X then source-nat pool NAT-POOL-X set security policies from-zone PUBLIC to-zone TRUST policy POLICY-1X match source-address 2.1.X.100/32 set security policies from-zone PUBLIC to-zone TRUST policy POLICY-1X match destination-address 10.10.X.10/32 set security policies from-zone PUBLIC to-zone TRUST policy POLICY-1X match application ssh set security policies from-zone PUBLIC to-zone TRUST policy POLICY-1X then permit set security policies from-zone PUBLIC to-zone TRUST policy POLICY-2X match source-address 2.1.X.100/32 set security policies from-zone PUBLIC to-zone TRUST policy POLICY-2X match destination-address 10.10.X.0/24 set security policies from-zone PUBLIC to-zone TRUST policy POLICY-2X match application any set security policies from-zone PUBLIC to-zone TRUST policy POLICY-2X then deny set security policies from-zone PUBLIC to-zone PUBLIC policy POLICY-3X match source-address 192.168.200.10/32 set security policies from-zone PUBLIC to-zone PUBLIC policy POLICY-3X match destination-address 125.26.X.35/32 set security policies from-zone PUBLIC to-zone PUBLIC policy POLICY-3X match application any set security policies from-zone PUBLIC to-zone PUBLIC policy POLICY-3X then permit set security policies from-zone TRUST to-zone PUBLIC policy POLICY-4X match source-address 10.10.X.10/32 set security policies from-zone TRUST to-zone PUBLIC policy POLICY-4X match destination-address 192.168.200.10/32 set security policies from-zone TRUST to-zone PUBLIC policy POLICY-4X match application telnet set security policies from-zone TRUST to-zone PUBLIC policy POLICY-4X then permit set system syslog file LOG-SECURITY-FILE any any set system syslog file LOG-SECURITY-FILE match "session-init|session-close"