Diffstat (limited to 'data/templates')
-rw-r--r-- | data/templates/dhcp-server/kea-ctrl-agent.conf.j2 | 14 | ||||
-rw-r--r-- | data/templates/dhcp-server/kea-dhcp4.conf.j2 | 24 | ||||
-rw-r--r-- | data/templates/ids/fastnetmon.j2 | 121 | ||||
-rw-r--r-- | data/templates/ids/fastnetmon_excluded_networks_list.j2 | 5 | ||||
-rw-r--r-- | data/templates/ids/fastnetmon_networks_list.j2 | 5 |
5 files changed, 10 insertions, 159 deletions
diff --git a/data/templates/dhcp-server/kea-ctrl-agent.conf.j2 b/data/templates/dhcp-server/kea-ctrl-agent.conf.j2
deleted file mode 100644
index b37cf4798..000000000
--- a/data/templates/dhcp-server/kea-ctrl-agent.conf.j2
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "Control-agent": {
-{% if high_availability is vyos_defined %}
- "http-host": "{{ high_availability.source_address }}",
- "http-port": 647,
- "control-sockets": {
- "dhcp4": {
- "socket-type": "unix",
- "socket-name": "/run/kea/dhcp4-ctrl-socket"
- }
- }
-{% endif %}
- }
-}
diff --git a/data/templates/dhcp-server/kea-dhcp4.conf.j2 b/data/templates/dhcp-server/kea-dhcp4.conf.j2
index 2e10d58e0..8d9ffb194 100644
--- a/data/templates/dhcp-server/kea-dhcp4.conf.j2
+++ b/data/templates/dhcp-server/kea-dhcp4.conf.j2
@@ -25,20 +25,6 @@
 },
 "option-def": [
 {
- "name": "rfc3442-static-route",
- "code": 121,
- "type": "record",
- "array": true,
- "record-types": "uint8,uint8,uint8,uint8,uint8,uint8,uint8"
- },
- {
- "name": "windows-static-route",
- "code": 249,
- "type": "record",
- "array": true,
- "record-types": "uint8,uint8,uint8,uint8,uint8,uint8,uint8"
- },
- {
 "name": "wpad-url",
 "code": 252,
 "type": "string"
@@ -69,6 +55,16 @@
 },
 {% endif %}
 {
+ "library": "/usr/lib/{{ machine }}-linux-gnu/kea/hooks/libdhcp_ping_check.so",
+ "parameters": {
+ "enable-ping-check" : false,
+ "min-ping-requests" : 1,
+ "reply-timeout" : 100,
+ "ping-cltt-secs" : 60,
+ "ping-channel-threads" : 0
+ }
+ },
+ {
 "library": "/usr/lib/{{ machine }}-linux-gnu/kea/hooks/libdhcp_lease_cmds.so",
 "parameters": {}
 }
diff --git a/data/templates/ids/fastnetmon.j2 b/data/templates/ids/fastnetmon.j2
deleted file mode 100644
index f6f03d0db..000000000
--- a/data/templates/ids/fastnetmon.j2
+++ /dev/null
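Review bot: In the second hunk of kea-dhcp4.conf.j2 the `libdhcp_ping_check.so` entry is placed after the `{% endif %}`, so it is loaded in every rendered configuration even though `enable-ping-check` is hard-coded to `false`. Kea normally rejects a configuration whose hook library cannot be loaded, so if that file is ever absent under `/usr/lib/{{ machine }}-linux-gnu/kea/hooks/` the DHCP server would likely fail to start. It is worth confirming that the packaged Kea always ships the library, or guarding the entry with whichever config key turns ping checks on. Presumably the check is enabled per subnet elsewhere in the template, which this hunk does not show. A short Jinja comment above the entry would record that intent, for example `{# ping-check hook: loaded globally but disabled here; reply-timeout is in milliseconds #}`. The hooks array starts and ends outside this hunk.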
@@ -1,121 +0,0 @@
-# enable this option if you want to send logs to local syslog facility
-logging:logging_level = debug
-logging:local_syslog_logging = on
-
-# list of all your networks in CIDR format
-networks_list_path = /run/fastnetmon/networks_list
-
-# list networks in CIDR format which will be not monitored for attacks
-white_list_path = /run/fastnetmon/excluded_networks_list
-
-# Enable/Disable any actions in case of attack
-enable_ban = on
-enable_ban_ipv6 = on
-
-## How many packets will be collected from attack traffic
-ban_details_records_count = 500
-
-## How long (in seconds) we should keep an IP in blocked state
-## If you set 0 here it completely disables unban capability
-{% if ban_time is vyos_defined %}
-ban_time = {{ ban_time }}
-{% endif %}
-
-# Check if the attack is still active, before triggering an unban callback with this option
-# If the attack is still active, check each run of the unban watchdog
-unban_only_if_attack_finished = on
-
-# enable per subnet speed meters
-# For each subnet, list track speed in bps and pps for both directions
-enable_subnet_counters = off
-
-{% if mode is vyos_defined('mirror') %}
-mirror_afpacket = on
-{% elif mode is vyos_defined('sflow') %}
-sflow = on
-{% if sflow.port is vyos_defined %}
-sflow_port = {{ sflow.port }}
-{% endif %}
-{% if sflow.listen_address is vyos_defined %}
-sflow_host = {{ sflow.listen_address }}
-{% endif %}
-{% endif %}
-
-
-process_incoming_traffic = {{ 'on' if direction is vyos_defined and 'in' in direction else 'off' }}
-process_outgoing_traffic = {{ 'on' if direction is vyos_defined and 'out' in direction else 'off' }}
-
-{% if threshold is vyos_defined %}
-{% if threshold.general is vyos_defined %}
-# General threshold
-{% for thr, thr_value in threshold.general.items() %}
-{% if thr is vyos_defined('fps') %}
-ban_for_flows = on
-threshold_flows = {{ thr_value }}
-{% elif thr is vyos_defined('mbps') %}
-ban_for_bandwidth = on
-threshold_mbps = {{ thr_value }}
-{% elif thr is vyos_defined('pps') %}
-ban_for_pps = on
-threshold_pps = {{ thr_value }}
-{% endif %}
-{% endfor %}
-{% endif %}
-
-{% if threshold.tcp is vyos_defined %}
-# TCP threshold
-{% for thr, thr_value in threshold.tcp.items() %}
-{% if thr is vyos_defined('fps') %}
-ban_for_tcp_flows = on
-threshold_tcp_flows = {{ thr_value }}
-{% elif thr is vyos_defined('mbps') %}
-ban_for_tcp_bandwidth = on
-threshold_tcp_mbps = {{ thr_value }}
-{% elif thr is vyos_defined('pps') %}
-ban_for_tcp_pps = on
-threshold_tcp_pps = {{ thr_value }}
-{% endif %}
-{% endfor %}
-{% endif %}
-
-{% if threshold.udp is vyos_defined %}
-# UDP threshold
-{% for thr, thr_value in threshold.udp.items() %}
-{% if thr is vyos_defined('fps') %}
-ban_for_udp_flows = on
-threshold_udp_flows = {{ thr_value }}
-{% elif thr is vyos_defined('mbps') %}
-ban_for_udp_bandwidth = on
-threshold_udp_mbps = {{ thr_value }}
-{% elif thr is vyos_defined('pps') %}
-ban_for_udp_pps = on
-threshold_udp_pps = {{ thr_value }}
-{% endif %}
-{% endfor %}
-{% endif %}
-
-{% if threshold.icmp is vyos_defined %}
-# ICMP threshold
-{% for thr, thr_value in threshold.icmp.items() %}
-{% if thr is vyos_defined('fps') %}
-ban_for_icmp_flows = on
-threshold_icmp_flows = {{ thr_value }}
-{% elif thr is vyos_defined('mbps') %}
-ban_for_icmp_bandwidth = on
-threshold_icmp_mbps = {{ thr_value }}
-{% elif thr is vyos_defined('pps') %}
-ban_for_icmp_pps = on
-threshold_icmp_pps = {{ thr_value }}
-{% endif %}
-{% endfor %}
-{% endif %}
-
-{% endif %}
-
-{% if listen_interface is vyos_defined %}
-interfaces = {{ listen_interface | join(',') }}
-{% endif %}
-
-{% if alert_script is vyos_defined %}
-notify_script_path = {{ alert_script }}
-{% endif %}
diff --git a/data/templates/ids/fastnetmon_excluded_networks_list.j2 b/data/templates/ids/fastnetmon_excluded_networks_list.j2
deleted file mode 100644
index c88a1c527..000000000
--- a/data/templates/ids/fastnetmon_excluded_networks_list.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-{% if excluded_network is vyos_defined %}
-{% for net in excluded_network %}
-{{ net }}
-{% endfor %}
-{% endif %}
diff --git a/data/templates/ids/fastnetmon_networks_list.j2 b/data/templates/ids/fastnetmon_networks_list.j2
deleted file mode 100644
index 0a0576d2a..000000000
--- a/data/templates/ids/fastnetmon_networks_list.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-{% if network is vyos_defined %}
-{% for net in network %}
-{{ net }}
-{% endfor %}
-{% endif %}
|