Merge pull request #2105 from sever-sever/T5368

T5368: service ids ddos-protection add support sflow mode

2 files changed, 11 insertions, 2 deletions

diff --git a/data/templates/ids/fastnetmon.j2 b/data/templates/ids/fastnetmon.j2
index 0340d3c92..f6f03d0db 100644
--- a/data/templates/ids/fastnetmon.j2
+++ b/data/templates/ids/fastnetmon.j2
@@ -29,10 +29,19 @@ unban_only_if_attack_finished = on
 # For each subnet, list track speed in bps and pps for both directions
 enable_subnet_counters = off
 
-{% if mode.mirror is vyos_defined %}
+{% if mode is vyos_defined('mirror') %}
 mirror_afpacket = on
+{% elif mode is vyos_defined('sflow') %}
+sflow = on
+{%     if sflow.port is vyos_defined %}
+sflow_port = {{ sflow.port }}
+{%     endif %}
+{%     if sflow.listen_address is vyos_defined %}
+sflow_host = {{ sflow.listen_address }}
+{%     endif %}
 {% endif %}
 
+
 process_incoming_traffic = {{ 'on' if direction is vyos_defined and 'in' in direction else 'off' }}
 process_outgoing_traffic = {{ 'on' if direction is vyos_defined and 'out' in direction else 'off' }}
 
diff --git a/data/templates/ids/fastnetmon_networks_list.j2 b/data/templates/ids/fastnetmon_networks_list.j2
index 5f1b3ba4d..0a0576d2a 100644
--- a/data/templates/ids/fastnetmon_networks_list.j2
+++ b/data/templates/ids/fastnetmon_networks_list.j2
@@ -1,4 +1,4 @@
-{% if network is vyos_defined() %}
+{% if network is vyos_defined %}
 {%     for net in network %}
 {{ net }}
 {%     endfor %}