summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2022-09-16 16:18:30 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2022-09-26 13:15:02 +0000
commit67cf858c8727f7f232aa4648510335f2b2028aaa (patch)
tree46ea3e2d1d431a6ddd60f188f9097f56d71b5e21 /interface-definitions
parent3ed4341db4b30df7b06b8ef393c3afa2e5422aff (diff)
downloadvyos-1x-67cf858c8727f7f232aa4648510335f2b2028aaa.tar.gz
vyos-1x-67cf858c8727f7f232aa4648510335f2b2028aaa.zip
ids: T4557: Migrate threshold and add new threshold types
Migrate "service ids ddos-protection threshold xxx" to "service ids ddos-protection general threshold xxx" Add new threshold types: set service ids ddos-protection threshold tcp xxx set service ids ddos-protection threshold udp xxx set service ids ddos-protection threshold icmp xxx
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/ids/threshold.xml.i38
-rw-r--r--interface-definitions/include/version/ids-version.xml.i3
-rw-r--r--interface-definitions/service-ids-ddos-protection.xml.in56
3 files changed, 67 insertions, 30 deletions
diff --git a/interface-definitions/include/ids/threshold.xml.i b/interface-definitions/include/ids/threshold.xml.i
new file mode 100644
index 000000000..e21e3a005
--- /dev/null
+++ b/interface-definitions/include/ids/threshold.xml.i
@@ -0,0 +1,38 @@
+<!-- include start from ids/threshold.xml.i -->
+<leafNode name="fps">
+ <properties>
+ <help>Flows per second</help>
+ <valueHelp>
+ <format>u32:0-4294967294</format>
+ <description>Flows per second</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967294"/>
+ </constraint>
+ </properties>
+</leafNode>
+<leafNode name="mbps">
+ <properties>
+ <help>Megabits per second</help>
+ <valueHelp>
+ <format>u32:0-4294967294</format>
+ <description>Megabits per second</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967294"/>
+ </constraint>
+ </properties>
+</leafNode>
+<leafNode name="pps">
+ <properties>
+ <help>Packets per second</help>
+ <valueHelp>
+ <format>u32:0-4294967294</format>
+ <description>Packets per second</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967294"/>
+ </constraint>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/version/ids-version.xml.i b/interface-definitions/include/version/ids-version.xml.i
new file mode 100644
index 000000000..9133be02b
--- /dev/null
+++ b/interface-definitions/include/version/ids-version.xml.i
@@ -0,0 +1,3 @@
+<!-- include start from include/version/ids-version.xml.i -->
+<syntaxVersion component='ids' version='1'></syntaxVersion>
+<!-- include end -->
diff --git a/interface-definitions/service-ids-ddos-protection.xml.in b/interface-definitions/service-ids-ddos-protection.xml.in
index 86fc4dffa..a661b845d 100644
--- a/interface-definitions/service-ids-ddos-protection.xml.in
+++ b/interface-definitions/service-ids-ddos-protection.xml.in
@@ -107,42 +107,38 @@
<help>Attack limits thresholds</help>
</properties>
<children>
- <leafNode name="fps">
+ <node name="general">
<properties>
- <help>Flows per second</help>
- <valueHelp>
- <format>u32:0-4294967294</format>
- <description>Flows per second</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4294967294"/>
- </constraint>
+ <help>General threshold</help>
</properties>
- </leafNode>
- <leafNode name="mbps">
+ <children>
+ #include <include/ids/threshold.xml.i>
+ </children>
+ </node>
+ <node name="tcp">
<properties>
- <help>Megabits per second</help>
- <valueHelp>
- <format>u32:0-4294967294</format>
- <description>Megabits per second</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4294967294"/>
- </constraint>
+ <help>TCP threshold</help>
</properties>
- </leafNode>
- <leafNode name="pps">
+ <children>
+ #include <include/ids/threshold.xml.i>
+ </children>
+ </node>
+ <node name="udp">
<properties>
- <help>Packets per second</help>
- <valueHelp>
- <format>u32:0-4294967294</format>
- <description>Packets per second</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 0-4294967294"/>
- </constraint>
+ <help>UDP threshold</help>
</properties>
- </leafNode>
+ <children>
+ #include <include/ids/threshold.xml.i>
+ </children>
+ </node>
+ <node name="icmp">
+ <properties>
+ <help>ICMP threshold</help>
+ </properties>
+ <children>
+ #include <include/ids/threshold.xml.i>
+ </children>
+ </node>
</children>
</node>
</children>