diff options
Diffstat (limited to 'data/templates/ids')
| -rw-r--r-- | data/templates/ids/fastnetmon.j2 (renamed from data/templates/ids/fastnetmon.tmpl) | 38 | ||||
| -rw-r--r-- | data/templates/ids/fastnetmon_networks_list.j2 | 7 | ||||
| -rw-r--r-- | data/templates/ids/fastnetmon_networks_list.tmpl | 7 |
3 files changed, 24 insertions, 28 deletions
diff --git a/data/templates/ids/fastnetmon.tmpl b/data/templates/ids/fastnetmon.j2 index 1f6a1c808..c482002fa 100644 --- a/data/templates/ids/fastnetmon.tmpl +++ b/data/templates/ids/fastnetmon.j2 @@ -25,36 +25,32 @@ unban_only_if_attack_finished = on # For each subnet, list track speed in bps and pps for both directions enable_subnet_counters = off -{% if "mirror" in mode %} +{% if mode.mirror is vyos_defined %} mirror_afpacket = on {% endif %} -{% if "in" in direction %} -process_incoming_traffic = on -{% endif %} -{% if "out" in direction %} -process_outgoing_traffic = on -{% endif %} -{% for th in threshold %} -{% if th == "fps" %} +process_incoming_traffic = {{ 'on' if direction is vyos_defined and 'in' in direction else 'off' }} +process_outgoing_traffic = {{ 'on' if direction is vyos_defined and 'out' in direction else 'off' }} + +{% if threshold is vyos_defined %} +{% for thr, thr_value in threshold.items() %} +{% if thr is vyos_defined('fps') %} ban_for_flows = on -threshold_flows = {{ threshold[th] }} -{% endif %} -{% if th == "mbps" %} +threshold_flows = {{ thr_value }} +{% elif thr is vyos_defined('mbps') %} ban_for_bandwidth = on -threshold_mbps = {{ threshold[th] }} -{% endif %} -{% if th == "pps" %} +threshold_mbps = {{ thr_value }} +{% elif thr is vyos_defined('pps') %} ban_for_pps = on -threshold_pps = {{ threshold[th] }} +threshold_pps = {{ thr_value }} +{% endif %} +{% endfor %} {% endif %} -{% endfor %} -{% if listen_interface %} -{% set value = listen_interface if listen_interface is string else listen_interface | join(',') %} -interfaces = {{ value }} +{% if listen_interface is vyos_defined %} +interfaces = {{ listen_interface | join(',') }} {% endif %} -{% if alert_script %} +{% if alert_script is vyos_defined %} notify_script_path = {{ alert_script }} {% endif %} diff --git a/data/templates/ids/fastnetmon_networks_list.j2 b/data/templates/ids/fastnetmon_networks_list.j2 new file mode 100644 index 000000000..1c81180be --- /dev/null +++ b/data/templates/ids/fastnetmon_networks_list.j2 @@ -0,0 +1,7 @@ +{% if network is vyos_defined(var_type=str) %} +{{ network }} +{% else %} +{% for net in network %} +{{ net }} +{% endfor %} +{% endif %} diff --git a/data/templates/ids/fastnetmon_networks_list.tmpl b/data/templates/ids/fastnetmon_networks_list.tmpl deleted file mode 100644 index d58990053..000000000 --- a/data/templates/ids/fastnetmon_networks_list.tmpl +++ /dev/null @@ -1,7 +0,0 @@ -{% if network is string %} -{{ network }} -{% else %} -{% for net in network %} -{{ net }} -{% endfor %} -{% endif %} |