diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-16 16:18:30 +0000 |
---|---|---|
committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2022-09-26 13:15:02 +0000 |
commit | 67cf858c8727f7f232aa4648510335f2b2028aaa (patch) | |
tree | 46ea3e2d1d431a6ddd60f188f9097f56d71b5e21 /interface-definitions | |
parent | 3ed4341db4b30df7b06b8ef393c3afa2e5422aff (diff) | |
download | vyos-1x-67cf858c8727f7f232aa4648510335f2b2028aaa.tar.gz vyos-1x-67cf858c8727f7f232aa4648510335f2b2028aaa.zip |
ids: T4557: Migrate threshold and add new threshold types
Migrate "service ids ddos-protection threshold xxx" to
"service ids ddos-protection general threshold xxx"
Add new threshold types:
set service ids ddos-protection threshold tcp xxx
set service ids ddos-protection threshold udp xxx
set service ids ddos-protection threshold icmp xxx
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/include/ids/threshold.xml.i | 38 | ||||
-rw-r--r-- | interface-definitions/include/version/ids-version.xml.i | 3 | ||||
-rw-r--r-- | interface-definitions/service-ids-ddos-protection.xml.in | 56 |
3 files changed, 67 insertions, 30 deletions
diff --git a/interface-definitions/include/ids/threshold.xml.i b/interface-definitions/include/ids/threshold.xml.i new file mode 100644 index 000000000..e21e3a005 --- /dev/null +++ b/interface-definitions/include/ids/threshold.xml.i @@ -0,0 +1,38 @@ +<!-- include start from ids/threshold.xml.i --> +<leafNode name="fps"> + <properties> + <help>Flows per second</help> + <valueHelp> + <format>u32:0-4294967294</format> + <description>Flows per second</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-4294967294"/> + </constraint> + </properties> +</leafNode> +<leafNode name="mbps"> + <properties> + <help>Megabits per second</help> + <valueHelp> + <format>u32:0-4294967294</format> + <description>Megabits per second</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-4294967294"/> + </constraint> + </properties> +</leafNode> +<leafNode name="pps"> + <properties> + <help>Packets per second</help> + <valueHelp> + <format>u32:0-4294967294</format> + <description>Packets per second</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-4294967294"/> + </constraint> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/version/ids-version.xml.i b/interface-definitions/include/version/ids-version.xml.i new file mode 100644 index 000000000..9133be02b --- /dev/null +++ b/interface-definitions/include/version/ids-version.xml.i @@ -0,0 +1,3 @@ +<!-- include start from include/version/ids-version.xml.i --> +<syntaxVersion component='ids' version='1'></syntaxVersion> +<!-- include end --> diff --git a/interface-definitions/service-ids-ddos-protection.xml.in b/interface-definitions/service-ids-ddos-protection.xml.in index 86fc4dffa..a661b845d 100644 --- a/interface-definitions/service-ids-ddos-protection.xml.in +++ b/interface-definitions/service-ids-ddos-protection.xml.in @@ -107,42 +107,38 @@ <help>Attack limits thresholds</help> </properties> <children> - <leafNode name="fps"> + <node name="general"> <properties> - <help>Flows per second</help> - <valueHelp> - <format>u32:0-4294967294</format> - <description>Flows per second</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967294"/> - </constraint> + <help>General threshold</help> </properties> - </leafNode> - <leafNode name="mbps"> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> + <node name="tcp"> <properties> - <help>Megabits per second</help> - <valueHelp> - <format>u32:0-4294967294</format> - <description>Megabits per second</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967294"/> - </constraint> + <help>TCP threshold</help> </properties> - </leafNode> - <leafNode name="pps"> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> + <node name="udp"> <properties> - <help>Packets per second</help> - <valueHelp> - <format>u32:0-4294967294</format> - <description>Packets per second</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967294"/> - </constraint> + <help>UDP threshold</help> </properties> - </leafNode> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> + <node name="icmp"> + <properties> + <help>ICMP threshold</help> + </properties> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> </children> </node> </children> |