summaryrefslogtreecommitdiff
path: root/data/templates/ids/fastnetmon.j2
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/ids/fastnetmon.j2')
-rw-r--r--data/templates/ids/fastnetmon.j211
1 files changed, 6 insertions, 5 deletions
diff --git a/data/templates/ids/fastnetmon.j2 b/data/templates/ids/fastnetmon.j2
index c482002fa..005338836 100644
--- a/data/templates/ids/fastnetmon.j2
+++ b/data/templates/ids/fastnetmon.j2
@@ -1,21 +1,22 @@
# enable this option if you want to send logs to local syslog facility
+logging:logging_level = debug
logging:local_syslog_logging = on
# list of all your networks in CIDR format
-networks_list_path = /etc/networks_list
-
-# list networks in CIDR format which will be not monitored for attacks
-white_list_path = /etc/networks_whitelist
+networks_list_path = /run/fastnetmon/networks_list
# Enable/Disable any actions in case of attack
enable_ban = on
+enable_ban_ipv6 = on
## How many packets will be collected from attack traffic
ban_details_records_count = 500
## How long (in seconds) we should keep an IP in blocked state
## If you set 0 here it completely disables unban capability
-ban_time = 1900
+{% if ban_time is vyos_defined %}
+ban_time = {{ ban_time }}
+{% endif %}
# Check if the attack is still active, before triggering an unban callback with this option
# If the attack is still active, check each run of the unban watchdog