diff options
Diffstat (limited to 'interface-definitions/service-ids-ddos-protection.xml.in')
| -rw-r--r-- | interface-definitions/service-ids-ddos-protection.xml.in | 96 |
1 files changed, 64 insertions, 32 deletions
diff --git a/interface-definitions/service-ids-ddos-protection.xml.in b/interface-definitions/service-ids-ddos-protection.xml.in index 5e65d3106..a661b845d 100644 --- a/interface-definitions/service-ids-ddos-protection.xml.in +++ b/interface-definitions/service-ids-ddos-protection.xml.in @@ -18,6 +18,19 @@ <help>Path to fastnetmon alert script</help> </properties> </leafNode> + <leafNode name="ban-time"> + <properties> + <help>How long we should keep an IP in blocked state</help> + <valueHelp> + <format>u32:1-4294967294</format> + <description>Time in seconds</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-4294967294"/> + </constraint> + </properties> + <defaultValue>1900</defaultValue> + </leafNode> <leafNode name="direction"> <properties> <help>Direction for processing traffic</help> @@ -30,6 +43,24 @@ <multi/> </properties> </leafNode> + <leafNode name="excluded-network"> + <properties> + <help>Specify IPv4 and IPv6 networks which are going to be excluded from protection</help> + <valueHelp> + <format>ipv4net</format> + <description>IPv4 prefix(es) to exclude</description> + </valueHelp> + <valueHelp> + <format>ipv6net</format> + <description>IPv6 prefix(es) to exclude</description> + </valueHelp> + <constraint> + <validator name="ipv4-prefix"/> + <validator name="ipv6-prefix"/> + </constraint> + <multi/> + </properties> + </leafNode> <leafNode name="listen-interface"> <properties> <help>Listen interface for mirroring traffic</help> @@ -55,13 +86,18 @@ </node> <leafNode name="network"> <properties> - <help>Define monitoring networks</help> + <help>Specify IPv4 and IPv6 networks which belong to you</help> <valueHelp> <format>ipv4net</format> - <description>Processed network</description> + <description>Your IPv4 prefix(es)</description> + </valueHelp> + <valueHelp> + <format>ipv6net</format> + <description>Your IPv6 prefix(es)</description> </valueHelp> <constraint> <validator name="ipv4-prefix"/> + <validator name="ipv6-prefix"/> </constraint> <multi/> </properties> @@ -71,42 +107,38 @@ <help>Attack limits thresholds</help> </properties> <children> - <leafNode name="fps"> + <node name="general"> <properties> - <help>Flows per second</help> - <valueHelp> - <format>u32:0-4294967294</format> - <description>Flows per second</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967294"/> - </constraint> + <help>General threshold</help> </properties> - </leafNode> - <leafNode name="mbps"> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> + <node name="tcp"> <properties> - <help>Megabits per second</help> - <valueHelp> - <format>u32:0-4294967294</format> - <description>Megabits per second</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967294"/> - </constraint> + <help>TCP threshold</help> </properties> - </leafNode> - <leafNode name="pps"> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> + <node name="udp"> <properties> - <help>Packets per second</help> - <valueHelp> - <format>u32:0-4294967294</format> - <description>Packets per second</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-4294967294"/> - </constraint> + <help>UDP threshold</help> </properties> - </leafNode> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> + <node name="icmp"> + <properties> + <help>ICMP threshold</help> + </properties> + <children> + #include <include/ids/threshold.xml.i> + </children> + </node> </children> </node> </children> |