Spaces:
Runtime error
Runtime error
Replace original files
Browse files- Dockerfile +42 -0
- README.md +7 -7
- app.py +194 -10
- requirements.txt +7 -1
Dockerfile
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
FROM nvidia/cuda:12.1.0-devel-ubuntu22.04 AS dev
|
| 2 |
+
|
| 3 |
+
RUN apt-get update -y \
|
| 4 |
+
&& apt-get install -y python3-pip git
|
| 5 |
+
|
| 6 |
+
# Workaround for https://github.com/openai/triton/issues/2507 and
|
| 7 |
+
# https://github.com/pytorch/pytorch/issues/107960 -- hopefully
|
| 8 |
+
# this won't be needed for future versions of this docker image
|
| 9 |
+
# or future versions of triton.
|
| 10 |
+
RUN ldconfig /usr/local/cuda-12.1/compat/
|
| 11 |
+
|
| 12 |
+
WORKDIR /code
|
| 13 |
+
|
| 14 |
+
COPY ./requirements.txt /code/requirements.txt
|
| 15 |
+
|
| 16 |
+
# Set up a new user named "user" with user ID 1000
|
| 17 |
+
RUN useradd -m -u 1000 user
|
| 18 |
+
# Switch to the "user" user
|
| 19 |
+
USER user
|
| 20 |
+
# Set home to the user's home directory
|
| 21 |
+
ENV HOME=/home/user \
|
| 22 |
+
PATH=/home/user/.local/bin:$PATH \
|
| 23 |
+
PYTHONPATH=$HOME/app \
|
| 24 |
+
PYTHONUNBUFFERED=1 \
|
| 25 |
+
GRADIO_ALLOW_FLAGGING=never \
|
| 26 |
+
GRADIO_NUM_PORTS=1 \
|
| 27 |
+
GRADIO_SERVER_NAME=0.0.0.0 \
|
| 28 |
+
GRADIO_THEME=huggingface \
|
| 29 |
+
SYSTEM=spaces
|
| 30 |
+
|
| 31 |
+
RUN pip3 install -U pip
|
| 32 |
+
RUN pip3 install -U Cython ninja
|
| 33 |
+
RUN pip3 install --no-cache-dir --upgrade -r /code/requirements.txt
|
| 34 |
+
|
| 35 |
+
# Set the working directory to the user's home directory
|
| 36 |
+
WORKDIR $HOME/app
|
| 37 |
+
RUN git clone https://github.com/PhungVanDuy/vllm && cd vllm && pip install . && cd ..
|
| 38 |
+
|
| 39 |
+
# Copy the current directory contents into the container at $HOME/app setting the owner to the user
|
| 40 |
+
COPY --chown=user . $HOME/app
|
| 41 |
+
|
| 42 |
+
CMD ["python3", "app.py"]
|
README.md
CHANGED
|
@@ -1,13 +1,13 @@
|
|
| 1 |
---
|
| 2 |
-
title:
|
| 3 |
-
emoji:
|
| 4 |
-
colorFrom:
|
| 5 |
-
colorTo:
|
| 6 |
sdk: gradio
|
| 7 |
-
sdk_version: 4.
|
| 8 |
app_file: app.py
|
| 9 |
pinned: false
|
| 10 |
-
license:
|
| 11 |
---
|
| 12 |
|
| 13 |
-
|
|
|
|
| 1 |
---
|
| 2 |
+
title: FortiOS test
|
| 3 |
+
emoji: 📉
|
| 4 |
+
colorFrom: red
|
| 5 |
+
colorTo: green
|
| 6 |
sdk: gradio
|
| 7 |
+
sdk_version: 4.39.0
|
| 8 |
app_file: app.py
|
| 9 |
pinned: false
|
| 10 |
+
license: other
|
| 11 |
---
|
| 12 |
|
| 13 |
+
Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
|
app.py
CHANGED
|
@@ -56,9 +56,200 @@ def predict(message, history, system_prompt, temperature, max_tokens):
|
|
| 56 |
outputs.append(text)
|
| 57 |
yield "".join(outputs)
|
| 58 |
|
| 59 |
-
|
| 60 |
-
|
| 61 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 62 |
|
| 63 |
if __name__ == "__main__":
|
| 64 |
args = parse_args()
|
|
@@ -70,11 +261,6 @@ if __name__ == "__main__":
|
|
| 70 |
)
|
| 71 |
device = torch.device('cuda' if torch.cuda.is_available() else 'cpu')
|
| 72 |
model = model.to(device)
|
| 73 |
-
|
| 74 |
-
correct_answer = gr.Textbox(label="Correct Answer", placeholder="Enter the correct answer if the provided one is wrong")
|
| 75 |
-
submit_btn = gr.Button("Submit Correction")
|
| 76 |
-
submit_btn.click(fn=submit_correction, inputs=[chatbot, correct_answer], outputs="text")
|
| 77 |
-
|
| 78 |
gr.ChatInterface(
|
| 79 |
predict,
|
| 80 |
title="FortiOS CLI Chat - Demo",
|
|
@@ -89,8 +275,6 @@ if __name__ == "__main__":
|
|
| 89 |
gr.Textbox(sys_prompt, label="System Prompt"),
|
| 90 |
gr.Slider(0, 1, 0.5, label="Temperature"),
|
| 91 |
gr.Slider(100, 2048, 1024, label="Max Tokens"),
|
| 92 |
-
correct_answer,
|
| 93 |
-
submit_btn,
|
| 94 |
],
|
| 95 |
examples=[
|
| 96 |
["Allow all traffic from any source IP address and any source interface 'port10' to any destination IP address and any destination interface 'port9'. This policy will be applied at all times (always) and will allow all services. Additionally, this policy will enable UTM features, use proxy-based inspection mode, and use an SSL-SSH profile named 'deep-custom'. Finally, this policy will also enable source NAT."],
|
|
|
|
| 56 |
outputs.append(text)
|
| 57 |
yield "".join(outputs)
|
| 58 |
|
| 59 |
+
"""
|
| 60 |
+
examples=[
|
| 61 |
+
["How can you move a policy by policy ID?"],
|
| 62 |
+
["What is the command to enable security profiles in a firewall policy?"],
|
| 63 |
+
["How do you configure a service group in the GUI?"],
|
| 64 |
+
["How can you configure the firewall policy change summary in the CLI?"],
|
| 65 |
+
["How do you disable hardware acceleration for an IPv4 firewall policy in the CLI?"],
|
| 66 |
+
["How can you enable WAN optimization in a firewall policy using the CLI?"],
|
| 67 |
+
["What are services in FortiOS and how are they used in firewall policies?"],
|
| 68 |
+
],
|
| 69 |
+
"""
|
| 70 |
+
sys_prompt = """FortiOS firewall configuration in CLI.\n
|
| 71 |
+
Use the firewall config template below to refine your answer, make sure the attributes in the config belongs to the template.\n
|
| 72 |
+
config firewall policy
|
| 73 |
+
edit <policyid>
|
| 74 |
+
set action [accept|deny|ipsec]
|
| 75 |
+
set anti-replay [enable|disable]
|
| 76 |
+
set application-list {string}
|
| 77 |
+
set auth-cert {string}
|
| 78 |
+
set auth-path [enable|disable]
|
| 79 |
+
set auth-redirect-addr {string}
|
| 80 |
+
set auto-asic-offload [enable|disable]
|
| 81 |
+
set av-profile {string}
|
| 82 |
+
set block-notification [enable|disable]
|
| 83 |
+
set captive-portal-exempt [enable|disable]
|
| 84 |
+
set capture-packet [enable|disable]
|
| 85 |
+
set casb-profile {string}
|
| 86 |
+
set cifs-profile {string}
|
| 87 |
+
set comments {var-string}
|
| 88 |
+
set custom-log-fields <field-id1>, <field-id2>, ...
|
| 89 |
+
set decrypted-traffic-mirror {string}
|
| 90 |
+
set delay-tcp-npu-session [enable|disable]
|
| 91 |
+
set diameter-filter-profile {string}
|
| 92 |
+
set diffserv-copy [enable|disable]
|
| 93 |
+
set diffserv-forward [enable|disable]
|
| 94 |
+
set diffserv-reverse [enable|disable]
|
| 95 |
+
set diffservcode-forward {user}
|
| 96 |
+
set diffservcode-rev {user}
|
| 97 |
+
set disclaimer [enable|disable]
|
| 98 |
+
set dlp-profile {string}
|
| 99 |
+
set dnsfilter-profile {string}
|
| 100 |
+
set dsri [enable|disable]
|
| 101 |
+
set dstaddr <name1>, <name2>, ...
|
| 102 |
+
set dstaddr-negate [enable|disable]
|
| 103 |
+
set dstaddr6 <name1>, <name2>, ...
|
| 104 |
+
set dstaddr6-negate [enable|disable]
|
| 105 |
+
set dstintf <name1>, <name2>, ...
|
| 106 |
+
set dynamic-shaping [enable|disable]
|
| 107 |
+
set email-collect [enable|disable]
|
| 108 |
+
set emailfilter-profile {string}
|
| 109 |
+
set fec [enable|disable]
|
| 110 |
+
set file-filter-profile {string}
|
| 111 |
+
set firewall-session-dirty [check-all|check-new]
|
| 112 |
+
set fixedport [enable|disable]
|
| 113 |
+
set fsso-agent-for-ntlm {string}
|
| 114 |
+
set fsso-groups <name1>, <name2>, ...
|
| 115 |
+
set geoip-anycast [enable|disable]
|
| 116 |
+
set geoip-match [physical-location|registered-location]
|
| 117 |
+
set groups <name1>, <name2>, ...
|
| 118 |
+
set http-policy-redirect [enable|disable]
|
| 119 |
+
set icap-profile {string}
|
| 120 |
+
set identity-based-route {string}
|
| 121 |
+
set inbound [enable|disable]
|
| 122 |
+
set inspection-mode [proxy|flow]
|
| 123 |
+
set internet-service [enable|disable]
|
| 124 |
+
set internet-service-custom <name1>, <name2>, ...
|
| 125 |
+
set internet-service-custom-group <name1>, <name2>, ...
|
| 126 |
+
set internet-service-group <name1>, <name2>, ...
|
| 127 |
+
set internet-service-name <name1>, <name2>, ...
|
| 128 |
+
set internet-service-negate [enable|disable]
|
| 129 |
+
set internet-service-src [enable|disable]
|
| 130 |
+
set internet-service-src-custom <name1>, <name2>, ...
|
| 131 |
+
set internet-service-src-custom-group <name1>, <name2>, ...
|
| 132 |
+
set internet-service-src-group <name1>, <name2>, ...
|
| 133 |
+
set internet-service-src-name <name1>, <name2>, ...
|
| 134 |
+
set internet-service-src-negate [enable|disable]
|
| 135 |
+
set internet-service6 [enable|disable]
|
| 136 |
+
set internet-service6-custom <name1>, <name2>, ...
|
| 137 |
+
set internet-service6-custom-group <name1>, <name2>, ...
|
| 138 |
+
set internet-service6-group <name1>, <name2>, ...
|
| 139 |
+
set internet-service6-name <name1>, <name2>, ...
|
| 140 |
+
set internet-service6-negate [enable|disable]
|
| 141 |
+
set internet-service6-src [enable|disable]
|
| 142 |
+
set internet-service6-src-custom <name1>, <name2>, ...
|
| 143 |
+
set internet-service6-src-custom-group <name1>, <name2>, ...
|
| 144 |
+
set internet-service6-src-group <name1>, <name2>, ...
|
| 145 |
+
set internet-service6-src-name <name1>, <name2>, ...
|
| 146 |
+
set internet-service6-src-negate [enable|disable]
|
| 147 |
+
set ippool [enable|disable]
|
| 148 |
+
set ips-sensor {string}
|
| 149 |
+
set ips-voip-filter {string}
|
| 150 |
+
set logtraffic [all|utm|disable]
|
| 151 |
+
set logtraffic-start [enable|disable]
|
| 152 |
+
set match-vip [enable|disable]
|
| 153 |
+
set match-vip-only [enable|disable]
|
| 154 |
+
set name {string}
|
| 155 |
+
set nat [enable|disable]
|
| 156 |
+
set nat46 [enable|disable]
|
| 157 |
+
set nat64 [enable|disable]
|
| 158 |
+
set natinbound [enable|disable]
|
| 159 |
+
set natip {ipv4-classnet}
|
| 160 |
+
set natoutbound [enable|disable]
|
| 161 |
+
set network-service-dynamic <name1>, <name2>, ...
|
| 162 |
+
set network-service-src-dynamic <name1>, <name2>, ...
|
| 163 |
+
set np-acceleration [enable|disable]
|
| 164 |
+
set ntlm [enable|disable]
|
| 165 |
+
set ntlm-enabled-browsers <user-agent-string1>, <user-agent-string2>, ...
|
| 166 |
+
set ntlm-guest [enable|disable]
|
| 167 |
+
set outbound [enable|disable]
|
| 168 |
+
set passive-wan-health-measurement [enable|disable]
|
| 169 |
+
set pcp-inbound [enable|disable]
|
| 170 |
+
set pcp-outbound [enable|disable]
|
| 171 |
+
set pcp-poolname <name1>, <name2>, ...
|
| 172 |
+
set per-ip-shaper {string}
|
| 173 |
+
set permit-any-host [enable|disable]
|
| 174 |
+
set permit-stun-host [enable|disable]
|
| 175 |
+
set policy-expiry [enable|disable]
|
| 176 |
+
set policy-expiry-date {datetime}
|
| 177 |
+
set policy-expiry-date-utc {user}
|
| 178 |
+
set poolname <name1>, <name2>, ...
|
| 179 |
+
set poolname6 <name1>, <name2>, ...
|
| 180 |
+
set port-preserve [enable|disable]
|
| 181 |
+
set profile-group {string}
|
| 182 |
+
set profile-protocol-options {string}
|
| 183 |
+
set profile-type [single|group]
|
| 184 |
+
set radius-mac-auth-bypass [enable|disable]
|
| 185 |
+
set redirect-url {var-string}
|
| 186 |
+
set replacemsg-override-group {string}
|
| 187 |
+
set reputation-direction [source|destination]
|
| 188 |
+
set reputation-direction6 [source|destination]
|
| 189 |
+
set reputation-minimum {integer}
|
| 190 |
+
set reputation-minimum6 {integer}
|
| 191 |
+
set rtp-addr <name1>, <name2>, ...
|
| 192 |
+
set rtp-nat [disable|enable]
|
| 193 |
+
set schedule {string}
|
| 194 |
+
set schedule-timeout [enable|disable]
|
| 195 |
+
set sctp-filter-profile {string}
|
| 196 |
+
set send-deny-packet [disable|enable]
|
| 197 |
+
set service <name1>, <name2>, ...
|
| 198 |
+
set service-negate [enable|disable]
|
| 199 |
+
set session-ttl {user}
|
| 200 |
+
set sgt <id1>, <id2>, ...
|
| 201 |
+
set sgt-check [enable|disable]
|
| 202 |
+
set src-vendor-mac <id1>, <id2>, ...
|
| 203 |
+
set srcaddr <name1>, <name2>, ...
|
| 204 |
+
set srcaddr-negate [enable|disable]
|
| 205 |
+
set srcaddr6 <name1>, <name2>, ...
|
| 206 |
+
set srcaddr6-negate [enable|disable]
|
| 207 |
+
set srcintf <name1>, <name2>, ...
|
| 208 |
+
set ssh-filter-profile {string}
|
| 209 |
+
set ssh-policy-redirect [enable|disable]
|
| 210 |
+
set ssl-ssh-profile {string}
|
| 211 |
+
set status [enable|disable]
|
| 212 |
+
set tcp-mss-receiver {integer}
|
| 213 |
+
set tcp-mss-sender {integer}
|
| 214 |
+
set tcp-session-without-syn [all|data-only|disable]
|
| 215 |
+
set timeout-send-rst [enable|disable]
|
| 216 |
+
set tos {user}
|
| 217 |
+
set tos-mask {user}
|
| 218 |
+
set tos-negate [enable|disable]
|
| 219 |
+
set traffic-shaper {string}
|
| 220 |
+
set traffic-shaper-reverse {string}
|
| 221 |
+
set users <name1>, <name2>, ...
|
| 222 |
+
set utm-status [enable|disable]
|
| 223 |
+
set uuid {uuid}
|
| 224 |
+
set videofilter-profile {string}
|
| 225 |
+
set virtual-patch-profile {string}
|
| 226 |
+
set vlan-cos-fwd {integer}
|
| 227 |
+
set vlan-cos-rev {integer}
|
| 228 |
+
set vlan-filter {user}
|
| 229 |
+
set voip-profile {string}
|
| 230 |
+
set vpntunnel {string}
|
| 231 |
+
set waf-profile {string}
|
| 232 |
+
set wanopt [enable|disable]
|
| 233 |
+
set wanopt-detection [active|passive|off]
|
| 234 |
+
set wanopt-passive-opt [default|transparent|non-transparent]
|
| 235 |
+
set wanopt-peer {string}
|
| 236 |
+
set wanopt-profile {string}
|
| 237 |
+
set wccp [enable|disable]
|
| 238 |
+
set webcache [enable|disable]
|
| 239 |
+
set webcache-https [disable|enable]
|
| 240 |
+
set webfilter-profile {string}
|
| 241 |
+
set webproxy-forward-server {string}
|
| 242 |
+
set webproxy-profile {string}
|
| 243 |
+
set ztna-device-ownership [enable|disable]
|
| 244 |
+
set ztna-ems-tag <name1>, <name2>, ...
|
| 245 |
+
set ztna-ems-tag-secondary <name1>, <name2>, ...
|
| 246 |
+
set ztna-geo-tag <name1>, <name2>, ...
|
| 247 |
+
set ztna-policy-redirect [enable|disable]
|
| 248 |
+
set ztna-status [enable|disable]
|
| 249 |
+
set ztna-tags-match-logic [or|and]
|
| 250 |
+
next
|
| 251 |
+
end\n
|
| 252 |
+
"""
|
| 253 |
|
| 254 |
if __name__ == "__main__":
|
| 255 |
args = parse_args()
|
|
|
|
| 261 |
)
|
| 262 |
device = torch.device('cuda' if torch.cuda.is_available() else 'cpu')
|
| 263 |
model = model.to(device)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 264 |
gr.ChatInterface(
|
| 265 |
predict,
|
| 266 |
title="FortiOS CLI Chat - Demo",
|
|
|
|
| 275 |
gr.Textbox(sys_prompt, label="System Prompt"),
|
| 276 |
gr.Slider(0, 1, 0.5, label="Temperature"),
|
| 277 |
gr.Slider(100, 2048, 1024, label="Max Tokens"),
|
|
|
|
|
|
|
| 278 |
],
|
| 279 |
examples=[
|
| 280 |
["Allow all traffic from any source IP address and any source interface 'port10' to any destination IP address and any destination interface 'port9'. This policy will be applied at all times (always) and will allow all services. Additionally, this policy will enable UTM features, use proxy-based inspection mode, and use an SSL-SSH profile named 'deep-custom'. Finally, this policy will also enable source NAT."],
|
requirements.txt
CHANGED
|
@@ -1 +1,7 @@
|
|
| 1 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
Cython
|
| 2 |
+
gradio
|
| 3 |
+
transformers
|
| 4 |
+
tiktoken
|
| 5 |
+
torch
|
| 6 |
+
numpy
|
| 7 |
+
accelerate
|