diff options
author | zsdc <taras@sentrium.io> | 2019-12-18 23:57:52 +0200 |
---|---|---|
committer | zsdc <taras@sentrium.io> | 2019-12-18 23:57:52 +0200 |
commit | f0aab13bb4bf111b3b47f34cb554873e1db1d44d (patch) | |
tree | e23872f22bbe458ddcf0cca6607fd59e8fa8985f /interface-definitions | |
parent | f1cc9b0e08dfc4ae38c40f70db89b808d73fe7f9 (diff) | |
download | vyos-1x-f0aab13bb4bf111b3b47f34cb554873e1db1d44d.tar.gz vyos-1x-f0aab13bb4bf111b3b47f34cb554873e1db1d44d.zip |
flow-accounting: T1890: flow-accounting rewritten with Python and XML
This patch keep compatibility with old configuration and software, but now it is much easier to add a lot of other useful things
Completely replaces vyatta-netflow package (except some outdated and not available via CLI parts)
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/flow-accounting-conf.xml.in | 428 |
1 files changed, 428 insertions, 0 deletions
diff --git a/interface-definitions/flow-accounting-conf.xml.in b/interface-definitions/flow-accounting-conf.xml.in new file mode 100644 index 000000000..6d11c565d --- /dev/null +++ b/interface-definitions/flow-accounting-conf.xml.in @@ -0,0 +1,428 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- flow-accounting configuration --> +<interfaceDefinition> + <node name="system"> + <children> + <node name="flow-accounting" owner="${vyos_conf_scripts_dir}/flow_accounting_conf.py"> + <properties> + <help>Flow accounting settings</help> + <priority>990</priority> + </properties> + <children> + <leafNode name="buffer-size"> + <properties> + <help>Buffer size</help> + <valueHelp> + <format>0-4294967295</format> + <description>Buffer size in MiB</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-4294967295" /> + </constraint> + </properties> + </leafNode> + <leafNode name="disable-imt"> + <properties> + <help>Disable in memory table plugin</help> + <valueless /> + </properties> + </leafNode> + <leafNode name="syslog-facility"> + <properties> + <help>Syslog facility for flow-accounting</help> + <completionHelp> + <list>auth authpriv cron daemon kern lpr mail mark news protocols security syslog user uucp local0 local1 local2 local3 local4 local5 local6 local7 all</list> + </completionHelp> + <valueHelp> + <format>auth</format> + <description>Authentication and authorization</description> + </valueHelp> + <valueHelp> + <format>authpriv</format> + <description>Non-system authorization</description> + </valueHelp> + <valueHelp> + <format>cron</format> + <description>Cron daemon</description> + </valueHelp> + <valueHelp> + <format>daemon</format> + <description>System daemons</description> + </valueHelp> + <valueHelp> + <format>kern</format> + <description>Kernel</description> + </valueHelp> + <valueHelp> + <format>lpr</format> + <description>Line printer spooler</description> + </valueHelp> + <valueHelp> + <format>mail</format> + <description>Mail subsystem</description> + </valueHelp> + <valueHelp> + <format>mark</format> + <description>Timestamp</description> + </valueHelp> + <valueHelp> + <format>news</format> + <description>USENET subsystem</description> + </valueHelp> + <valueHelp> + <format>protocols</format> + <description>Routing protocols (local7)</description> + </valueHelp> + <valueHelp> + <format>security</format> + <description>Authentication and authorization</description> + </valueHelp> + <valueHelp> + <format>syslog</format> + <description>Authentication and authorization</description> + </valueHelp> + <valueHelp> + <format>user</format> + <description>Application processes</description> + </valueHelp> + <valueHelp> + <format>uucp</format> + <description>UUCP subsystem</description> + </valueHelp> + <valueHelp> + <format>local0</format> + <description>Local facility 0</description> + </valueHelp> + <valueHelp> + <format>local1</format> + <description>Local facility 1</description> + </valueHelp> + <valueHelp> + <format>local2</format> + <description>Local facility 2</description> + </valueHelp> + <valueHelp> + <format>local3</format> + <description>Local facility 3</description> + </valueHelp> + <valueHelp> + <format>local4</format> + <description>Local facility 4</description> + </valueHelp> + <valueHelp> + <format>local5</format> + <description>Local facility 5</description> + </valueHelp> + <valueHelp> + <format>local6</format> + <description>Local facility 6</description> + </valueHelp> + <valueHelp> + <format>local7</format> + <description>Local facility 7</description> + </valueHelp> + <valueHelp> + <format>all</format> + <description>Authentication and authorization</description> + </valueHelp> + </properties> + </leafNode> + <leafNode name="interface"> + <properties> + <help>Interface for flow-accounting [REQUIRED]</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py</script> + </completionHelp> + <multi/> + </properties> + </leafNode> + <node name="netflow"> + <properties> + <help>NetFlow settings</help> + </properties> + <children> + <leafNode name="engine-id"> + <properties> + <help>NetFlow engine-id</help> + <valueHelp> + <format>0-255 or 0-255:0-255</format> + <description>NetFlow engine-id for v5</description> + </valueHelp> + <valueHelp> + <format>0-4294967295</format> + <description>NetFlow engine-id for v9 / IPFIX</description> + </valueHelp> + <constraint> + <regex>^(\d|[1-9]\d{1,8}|[1-3]\d{9}|4[01]\d{8}|42[0-8]\d{7}|429[0-3]\d{6}|4294[0-8]\d{5}|42949[0-5]\d{4}|429496[0-6]\d{3}|4294967[01]\d{2}|42949672[0-8]\d|429496729[0-5])$|^(\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]):(\d|[1-9]\d|1\d{2}|2[0-4]\d|25[0-5])$</regex> + </constraint> + </properties> + </leafNode> + <leafNode name="max-flows"> + <properties> + <help>NetFlow maximum flows</help> + <valueHelp> + <format>0-4294967295</format> + <description>NetFlow maximum flows</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-4294967295" /> + </constraint> + </properties> + </leafNode> + <leafNode name="sampling-rate"> + <properties> + <help>NetFlow sampling-rate</help> + <valueHelp> + <format>0-4294967295</format> + <description>Sampling rate (1 in N packets)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-4294967295" /> + </constraint> + </properties> + </leafNode> + <leafNode name="source-ip"> + <properties> + <help>IPv4 or IPv6 source address of NetFlow packets</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 source address of NetFlow packets</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 source address of NetFlow packets</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + <validator name="ipv6-address"/> + </constraint> + </properties> + </leafNode> + <leafNode name="version"> + <properties> + <help>NetFlow version to export</help> + <completionHelp> + <list>5 9 10</list> + </completionHelp> + <valueHelp> + <format>5</format> + <description>NetFlow version 5</description> + </valueHelp> + <valueHelp> + <format>9</format> + <description>NetFlow version 9 (default)</description> + </valueHelp> + <valueHelp> + <format>10</format> + <description>IPFIX</description> + </valueHelp> + </properties> + </leafNode> + <tagNode name="server"> + <properties> + <help>Server to export NetFlow [REQUIRED]</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 server to export NetFlow</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 server to export NetFlow</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + <validator name="ipv6-address"/> + </constraint> + </properties> + <children> + <leafNode name="port"> + <properties> + <help>NetFlow port number</help> + <valueHelp> + <format>1025-65535</format> + <description>NetFlow port number (default 2055)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1025-65535" /> + </constraint> + </properties> + </leafNode> + </children> + </tagNode> + <node name="timeout"> + <properties> + <help>NetFlow timeout values</help> + </properties> + <children> + <leafNode name="expiry-interval"> + <properties> + <help>Expiry scan interval</help> + <valueHelp> + <format>0-2147483647</format> + <description>Expiry scan interval (default 60)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + <leafNode name="flow-generic"> + <properties> + <help>Generic flow timeout value</help> + <valueHelp> + <format>0-2147483647</format> + <description>Generic flow timeout in seconds (default 3600)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + <leafNode name="icmp"> + <properties> + <help>ICMP timeout value</help> + <valueHelp> + <format>0-2147483647</format> + <description>ICMP timeout in seconds (default 300)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + <leafNode name="max-active-life"> + <properties> + <help>Max active timeout value</help> + <valueHelp> + <format>0-2147483647</format> + <description>Max active timeout in seconds (default 604800)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + <leafNode name="tcp-fin"> + <properties> + <help>TCP finish timeout value</help> + <valueHelp> + <format>0-2147483647</format> + <description>TCP FIN timeout in seconds (default 300)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + <leafNode name="tcp-generic"> + <properties> + <help>TCP generic timeout value</help> + <valueHelp> + <format>0-2147483647</format> + <description>TCP generic timeout in seconds (default 3600)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + <leafNode name="tcp-rst"> + <properties> + <help>TCP reset timeout value</help> + <valueHelp> + <format>0-2147483647</format> + <description>TCP RST timeout in seconds (default 120)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + <leafNode name="udp"> + <properties> + <help>UDP timeout value</help> + <valueHelp> + <format>0-2147483647</format> + <description>UDP timeout in seconds (default 300)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-2147483647" /> + </constraint> + </properties> + </leafNode> + </children> + </node> + </children> + </node> + <node name="sflow"> + <properties> + <help>sFlow settings</help> + </properties> + <children> + <leafNode name="agent-address"> + <properties> + <help>sFlow agent IPv4 address</help> + <valueHelp> + <format>auto</format> + <description>auto select sFlow agent-address (default)</description> + </valueHelp> + <valueHelp> + <format>ipv4</format> + <description>sFlow IPv4 agent address</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + <regex>^auto$</regex> + </constraint> + </properties> + </leafNode> + <leafNode name="sampling-rate"> + <properties> + <help>sFlow sampling-rate</help> + <valueHelp> + <format>0-4294967295</format> + <description>Sampling rate (1 in N packets)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-4294967295" /> + </constraint> + </properties> + </leafNode> + <tagNode name="server"> + <properties> + <help>Server to export sFlow [REQUIRED]</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 server to export sFlow</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 server to export sFlow</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + <validator name="ipv6-address"/> + </constraint> + </properties> + <children> + <leafNode name="port"> + <properties> + <help>sFlow port number</help> + <valueHelp> + <format>1025-65535</format> + <description>sFlow port number (default 6343)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1025-65535" /> + </constraint> + </properties> + </leafNode> + </children> + </tagNode> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> |