<?xml version="1.0"?> <interfaceDefinition> <node name="service"> <children> <node name="ids"> <properties> <help>Intrusion Detection System</help> </properties> <children> <node name="ddos-protection" owner="${vyos_conf_scripts_dir}/service_ids_fastnetmon.py"> <properties> <help>FastNetMon detection and protection parameters</help> <priority>731</priority> </properties> <children> <leafNode name="alert-script"> <properties> <help>Path to fastnetmon alert script</help> </properties> </leafNode> <leafNode name="direction"> <properties> <help>Direction for processing traffic</help> <completionHelp> <list>in out</list> </completionHelp> <constraint> <regex>(in|out)</regex> </constraint> <multi/> </properties> </leafNode> <leafNode name="listen-interface"> <properties> <help>Listen interface for mirroring traffic</help> <completionHelp> <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> <multi/> </properties> </leafNode> <node name="mode"> <properties> <help>Traffic capture modes</help> </properties> <children> <!-- Future modes "mirror" "netflow" "combine (both)" --> <leafNode name="mirror"> <properties> <help>Listen mirrored traffic mode</help> <valueless/> </properties> </leafNode> </children> </node> <leafNode name="network"> <properties> <help>Define monitoring networks</help> <valueHelp> <format>ipv4net</format> <description>Processed network</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> </constraint> <multi/> </properties> </leafNode> <node name="threshold"> <properties> <help>Attack limits thresholds</help> </properties> <children> <leafNode name="fps"> <properties> <help>Flows per second</help> <valueHelp> <format>u32:0-4294967294</format> <description>Flows per second</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967294"/> </constraint> </properties> </leafNode> <leafNode name="mbps"> <properties> <help>Megabits per second</help> <valueHelp> <format>u32:0-4294967294</format> <description>Megabits per second</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967294"/> </constraint> </properties> </leafNode> <leafNode name="pps"> <properties> <help>Packets per second</help> <valueHelp> <format>u32:0-4294967294</format> <description>Packets per second</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 0-4294967294"/> </constraint> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </children> </node> </interfaceDefinition>