diff options
Diffstat (limited to 'data/templates/ids/fastnetmon.j2')
-rw-r--r-- | data/templates/ids/fastnetmon.j2 | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/data/templates/ids/fastnetmon.j2 b/data/templates/ids/fastnetmon.j2 index c482002fa..005338836 100644 --- a/data/templates/ids/fastnetmon.j2 +++ b/data/templates/ids/fastnetmon.j2 @@ -1,21 +1,22 @@ # enable this option if you want to send logs to local syslog facility +logging:logging_level = debug logging:local_syslog_logging = on # list of all your networks in CIDR format -networks_list_path = /etc/networks_list - -# list networks in CIDR format which will be not monitored for attacks -white_list_path = /etc/networks_whitelist +networks_list_path = /run/fastnetmon/networks_list # Enable/Disable any actions in case of attack enable_ban = on +enable_ban_ipv6 = on ## How many packets will be collected from attack traffic ban_details_records_count = 500 ## How long (in seconds) we should keep an IP in blocked state ## If you set 0 here it completely disables unban capability -ban_time = 1900 +{% if ban_time is vyos_defined %} +ban_time = {{ ban_time }} +{% endif %} # Check if the attack is still active, before triggering an unban callback with this option # If the attack is still active, check each run of the unban watchdog |