summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorzsdc <taras@sentrium.io>2019-12-18 23:57:52 +0200
committerzsdc <taras@sentrium.io>2019-12-18 23:57:52 +0200
commitf0aab13bb4bf111b3b47f34cb554873e1db1d44d (patch)
treee23872f22bbe458ddcf0cca6607fd59e8fa8985f /interface-definitions
parentf1cc9b0e08dfc4ae38c40f70db89b808d73fe7f9 (diff)
downloadvyos-1x-f0aab13bb4bf111b3b47f34cb554873e1db1d44d.tar.gz
vyos-1x-f0aab13bb4bf111b3b47f34cb554873e1db1d44d.zip
flow-accounting: T1890: flow-accounting rewritten with Python and XML
This patch keep compatibility with old configuration and software, but now it is much easier to add a lot of other useful things Completely replaces vyatta-netflow package (except some outdated and not available via CLI parts)
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/flow-accounting-conf.xml.in428
1 files changed, 428 insertions, 0 deletions
diff --git a/interface-definitions/flow-accounting-conf.xml.in b/interface-definitions/flow-accounting-conf.xml.in
new file mode 100644
index 000000000..6d11c565d
--- /dev/null
+++ b/interface-definitions/flow-accounting-conf.xml.in
@@ -0,0 +1,428 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- flow-accounting configuration -->
+<interfaceDefinition>
+ <node name="system">
+ <children>
+ <node name="flow-accounting" owner="${vyos_conf_scripts_dir}/flow_accounting_conf.py">
+ <properties>
+ <help>Flow accounting settings</help>
+ <priority>990</priority>
+ </properties>
+ <children>
+ <leafNode name="buffer-size">
+ <properties>
+ <help>Buffer size</help>
+ <valueHelp>
+ <format>0-4294967295</format>
+ <description>Buffer size in MiB</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967295" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="disable-imt">
+ <properties>
+ <help>Disable in memory table plugin</help>
+ <valueless />
+ </properties>
+ </leafNode>
+ <leafNode name="syslog-facility">
+ <properties>
+ <help>Syslog facility for flow-accounting</help>
+ <completionHelp>
+ <list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list>
+ </completionHelp>
+ <valueHelp>
+ <format>auth</format>
+ <description>Authentication and authorization</description>
+ </valueHelp>
+ <valueHelp>
+ <format>authpriv</format>
+ <description>Non-system authorization</description>
+ </valueHelp>
+ <valueHelp>
+ <format>cron</format>
+ <description>Cron daemon</description>
+ </valueHelp>
+ <valueHelp>
+ <format>daemon</format>
+ <description>System daemons</description>
+ </valueHelp>
+ <valueHelp>
+ <format>kern</format>
+ <description>Kernel</description>
+ </valueHelp>
+ <valueHelp>
+ <format>lpr</format>
+ <description>Line printer spooler</description>
+ </valueHelp>
+ <valueHelp>
+ <format>mail</format>
+ <description>Mail subsystem</description>
+ </valueHelp>
+ <valueHelp>
+ <format>mark</format>
+ <description>Timestamp</description>
+ </valueHelp>
+ <valueHelp>
+ <format>news</format>
+ <description>USENET subsystem</description>
+ </valueHelp>
+ <valueHelp>
+ <format>protocols</format>
+ <description>Routing protocols (local7)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>security</format>
+ <description>Authentication and authorization</description>
+ </valueHelp>
+ <valueHelp>
+ <format>syslog</format>
+ <description>Authentication and authorization</description>
+ </valueHelp>
+ <valueHelp>
+ <format>user</format>
+ <description>Application processes</description>
+ </valueHelp>
+ <valueHelp>
+ <format>uucp</format>
+ <description>UUCP subsystem</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local0</format>
+ <description>Local facility 0</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local1</format>
+ <description>Local facility 1</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local2</format>
+ <description>Local facility 2</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local3</format>
+ <description>Local facility 3</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local4</format>
+ <description>Local facility 4</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local5</format>
+ <description>Local facility 5</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local6</format>
+ <description>Local facility 6</description>
+ </valueHelp>
+ <valueHelp>
+ <format>local7</format>
+ <description>Local facility 7</description>
+ </valueHelp>
+ <valueHelp>
+ <format>all</format>
+ <description>Authentication and authorization</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <leafNode name="interface">
+ <properties>
+ <help>Interface for flow-accounting [REQUIRED]</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <multi/>
+ </properties>
+ </leafNode>
+ <node name="netflow">
+ <properties>
+ <help>NetFlow settings</help>
+ </properties>
+ <children>
+ <leafNode name="engine-id">
+ <properties>
+ <help>NetFlow engine-id</help>
+ <valueHelp>
+ <format>0-255 or 0-255:0-255</format>
+ <description>NetFlow engine-id for v5</description>
+ </valueHelp>
+ <valueHelp>
+ <format>0-4294967295</format>
+ <description>NetFlow engine-id for v9 / IPFIX</description>
+ </valueHelp>
+ <constraint>
+ <regex>^(\d|[1-9]\d{1,8}|[1-3]\d{9}|4[01]\d{8}|42[0-8]\d{7}|429[0-3]\d{6}|4294[0-8]\d{5}|42949[0-5]\d{4}|429496[0-6]\d{3}|4294967[01]\d{2}|42949672[0-8]\d|429496729[0-5])$|^(\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]):(\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5])$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="max-flows">
+ <properties>
+ <help>NetFlow maximum flows</help>
+ <valueHelp>
+ <format>0-4294967295</format>
+ <description>NetFlow maximum flows</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967295" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="sampling-rate">
+ <properties>
+ <help>NetFlow sampling-rate</help>
+ <valueHelp>
+ <format>0-4294967295</format>
+ <description>Sampling rate (1 in N packets)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967295" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="source-ip">
+ <properties>
+ <help>IPv4 or IPv6 source address of NetFlow packets</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 source address of NetFlow packets</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 source address of NetFlow packets</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="version">
+ <properties>
+ <help>NetFlow version to export</help>
+ <completionHelp>
+ <list>5 9 10</list>
+ </completionHelp>
+ <valueHelp>
+ <format>5</format>
+ <description>NetFlow version 5</description>
+ </valueHelp>
+ <valueHelp>
+ <format>9</format>
+ <description>NetFlow version 9 (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>10</format>
+ <description>IPFIX</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ <tagNode name="server">
+ <properties>
+ <help>Server to export NetFlow [REQUIRED]</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 server to export NetFlow</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 server to export NetFlow</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="port">
+ <properties>
+ <help>NetFlow port number</help>
+ <valueHelp>
+ <format>1025-65535</format>
+ <description>NetFlow port number (default 2055)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1025-65535" />
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ <node name="timeout">
+ <properties>
+ <help>NetFlow timeout values</help>
+ </properties>
+ <children>
+ <leafNode name="expiry-interval">
+ <properties>
+ <help>Expiry scan interval</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>Expiry scan interval (default 60)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="flow-generic">
+ <properties>
+ <help>Generic flow timeout value</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>Generic flow timeout in seconds (default 3600)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="icmp">
+ <properties>
+ <help>ICMP timeout value</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>ICMP timeout in seconds (default 300)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="max-active-life">
+ <properties>
+ <help>Max active timeout value</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>Max active timeout in seconds (default 604800)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="tcp-fin">
+ <properties>
+ <help>TCP finish timeout value</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>TCP FIN timeout in seconds (default 300)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="tcp-generic">
+ <properties>
+ <help>TCP generic timeout value</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>TCP generic timeout in seconds (default 3600)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="tcp-rst">
+ <properties>
+ <help>TCP reset timeout value</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>TCP RST timeout in seconds (default 120)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="udp">
+ <properties>
+ <help>UDP timeout value</help>
+ <valueHelp>
+ <format>0-2147483647</format>
+ <description>UDP timeout in seconds (default 300)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-2147483647" />
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+ <node name="sflow">
+ <properties>
+ <help>sFlow settings</help>
+ </properties>
+ <children>
+ <leafNode name="agent-address">
+ <properties>
+ <help>sFlow agent IPv4 address</help>
+ <valueHelp>
+ <format>auto</format>
+ <description>auto select sFlow agent-address (default)</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>sFlow IPv4 agent address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ <regex>^auto$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="sampling-rate">
+ <properties>
+ <help>sFlow sampling-rate</help>
+ <valueHelp>
+ <format>0-4294967295</format>
+ <description>Sampling rate (1 in N packets)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-4294967295" />
+ </constraint>
+ </properties>
+ </leafNode>
+ <tagNode name="server">
+ <properties>
+ <help>Server to export sFlow [REQUIRED]</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 server to export sFlow</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 server to export sFlow</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-address"/>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="port">
+ <properties>
+ <help>sFlow port number</help>
+ <valueHelp>
+ <format>1025-65535</format>
+ <description>sFlow port number (default 6343)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1025-65535" />
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ </children>
+ </node>
+ </children>
+ </node>
+</interfaceDefinition>