authorAdrian Almenar <adrian@tecnocratica.net>2022-07-25 15:47:51 +0200
committerAdrian Almenar <adrian@tecnocratica.net>2022-07-25 15:47:51 +0200
commitbd119de6fd32480a4b6fd9c3b16cd5191af350af (patch)
tree6ff52e2be7a71bf8e9fca28498fa091c81c8e628 /data
parentdf7348da111668d38796d955bf64fa384eb7a58f (diff)
downloadvyos-1x-bd119de6fd32480a4b6fd9c3b16cd5191af350af.tar.gz
vyos-1x-bd119de6fd32480a4b6fd9c3b16cd5191af350af.zip
fastnetmon: T4556: Allow configure white_list_path and populate with hosts/networks that should be ignored.
Diffstat (limited to 'data')
-rw-r--r--data/templates/ids/fastnetmon.j23
-rw-r--r--data/templates/ids/fastnetmon_excluded_networks_list.j25
2 files changed, 8 insertions, 0 deletions
diff --git a/data/templates/ids/fastnetmon.j2 b/data/templates/ids/fastnetmon.j2
index 005338836..b9f77a257 100644
--- a/data/templates/ids/fastnetmon.j2
+++ b/data/templates/ids/fastnetmon.j2
@@ -5,6 +5,9 @@ logging:local_syslog_logging = on
# list of all your networks in CIDR format
networks_list_path = /run/fastnetmon/networks_list
+# list networks in CIDR format which will be not monitored for attacks
+white_list_path = /run/fastnetmon/excluded_networks_list
+
# Enable/Disable any actions in case of attack
enable_ban = on
enable_ban_ipv6 = on
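Review bot: `white_list_path` is written unconditionally here, while the list template added in the same commit produces entries only when `excluded_network` is defined. The code that renders /run/fastnetmon/excluded_networks_list is outside this diff (it is limited to data/), so it is not visible whether that file always exists. If it can be absent, wrap the two added lines in `{% if excluded_network is vyos_defined %}` and `{% endif %}` so the daemon is never pointed at a missing path. The added comment would also read better as `# networks in CIDR format that are excluded from attack detection`, which states the detection gap an operator accepts by using this option.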
diff --git a/data/templates/ids/fastnetmon_excluded_networks_list.j2 b/data/templates/ids/fastnetmon_excluded_networks_list.j2
new file mode 100644
index 000000000..c88a1c527
--- /dev/null
+++ b/data/templates/ids/fastnetmon_excluded_networks_list.j2
@@ -0,0 +1,5 @@
+{% if excluded_network is vyos_defined %}
+{% for net in excluded_network %}
+{{ net }}
+{% endfor %}
+{% endif %}
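Review bot: Each `{{ net }}` is written verbatim into a file that switches attack detection off for the listed prefix, and nothing in this template or this diff shows the value being validated as a CIDR network. Validation presumably lives in the CLI definition, which is outside the data/ tree shown here. It is worth confirming that only well-formed prefixes can reach this point, and that an overly broad one is rejected or at least warned about, since it would silently exempt most traffic from monitoring. A leading Jinja comment such as `{# Prefixes listed here are exempt from FastNetMon attack detection; rendered from 'excluded_network' #}` would document that for the next maintainer without changing the rendered output.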