summaryrefslogtreecommitdiff
path: root/src/conf_mode/service_ids_fastnetmon.py
diff options
context:
space:
mode:
authorNicolás Fort <95703796+nicolas-fort@users.noreply.github.com>2023-07-31 15:22:51 -0300
committerGitHub <noreply@github.com>2023-07-31 15:22:51 -0300
commit657a566df58478c2f5d4bccad952bfcb7991e847 (patch)
tree1cf6ab7548286f358d05389132cd82bc177c676a /src/conf_mode/service_ids_fastnetmon.py
parent7ae9d8953ddc9ba38d62400187ce1ec44abb5a6e (diff)
parentdf33f450b4e8b7e0286e36540de81edfb5f52e73 (diff)
downloadvyos-1x-657a566df58478c2f5d4bccad952bfcb7991e847.tar.gz
vyos-1x-657a566df58478c2f5d4bccad952bfcb7991e847.zip
Merge branch 'current' into T5014-dnat
Diffstat (limited to 'src/conf_mode/service_ids_fastnetmon.py')
-rwxr-xr-xsrc/conf_mode/service_ids_fastnetmon.py14
1 files changed, 11 insertions, 3 deletions
diff --git a/src/conf_mode/service_ids_fastnetmon.py b/src/conf_mode/service_ids_fastnetmon.py
index 2e678cf0b..f6b80552b 100755
--- a/src/conf_mode/service_ids_fastnetmon.py
+++ b/src/conf_mode/service_ids_fastnetmon.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2018-2022 VyOS maintainers and contributors
+# Copyright (C) 2018-2023 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -30,6 +30,7 @@ airbag.enable()
config_file = r'/run/fastnetmon/fastnetmon.conf'
networks_list = r'/run/fastnetmon/networks_list'
excluded_networks_list = r'/run/fastnetmon/excluded_networks_list'
+attack_dir = '/var/log/fastnetmon_attacks'
def get_config(config=None):
if config:
@@ -55,8 +56,11 @@ def verify(fastnetmon):
if 'mode' not in fastnetmon:
raise ConfigError('Specify operating mode!')
- if 'listen_interface' not in fastnetmon:
- raise ConfigError('Specify interface(s) for traffic capture')
+ if fastnetmon.get('mode') == 'mirror' and 'listen_interface' not in fastnetmon:
+ raise ConfigError("Incorrect settings for 'mode mirror': must specify interface(s) for traffic mirroring")
+
+ if fastnetmon.get('mode') == 'sflow' and 'listen_address' not in fastnetmon.get('sflow', {}):
+ raise ConfigError("Incorrect settings for 'mode sflow': must specify sFlow 'listen-address'")
if 'alert_script' in fastnetmon:
if os.path.isfile(fastnetmon['alert_script']):
@@ -74,6 +78,10 @@ def generate(fastnetmon):
return None
+ # Create dir for log attack details
+ if not os.path.exists(attack_dir):
+ os.mkdir(attack_dir)
+
render(config_file, 'ids/fastnetmon.j2', fastnetmon)
render(networks_list, 'ids/fastnetmon_networks_list.j2', fastnetmon)
render(excluded_networks_list, 'ids/fastnetmon_excluded_networks_list.j2', fastnetmon)