Defaults updates

netascode · Aug 10, 2024 · 573a2d3 · 573a2d3
1 parent a388611
commit 573a2d3
Showing 1 changed file with 48 additions and 46 deletions.
diff --git a/defaults/defaults.yaml b/defaults/defaults.yaml
@@ -3,50 +3,54 @@ defaults:
   fmc:
     domains:
       devices:
-        deploy_ignore_warning: false
-        deploy_force: false
-        physical_interfaces:
-          enabled: true
-          mode: "NONE"
-          sub_interfaces:
+        devices:
+          deploy_ignore_warning: false
+          deploy_force: false
+          physical_interfaces:
+            enabled: true
             mode: "NONE"
-        ipv4_static_routes:
-          metric_value: 1
-        vnis:
-          description: "VNI Interface"
-      clusters:
-        ccl_prefix: 10.10.3.0/27
-        vni_prefix: 10.10.4.0/27
-      prefilter_policies:
-        action: "ANALYZE_TUNNELS"
-      access_policies:
-        default_action: "BLOCK"
-        log_begin: false
-        log_end: false
-        send_events_to_fmc: false
-        access_rules:
-          enable_syslog: false
-          enabled: true
-      ftd_nat_policies:
-        ftd_auto_nat_rules:
-          fall_through: false
-          ipv6: false
-          net_to_net: false
-          no_proxy_arp: false
-          perform_route_lookup: false
-          translate_dns: false
-          translated_network_is_destination_interface: true
-        ftd_manual_nat_rules:
-          enabled: true
-          fall_through: false
-          interface_in_original_destination: false
-          interface_in_translated_source: true
-          ipv6: false
-          net_to_net: false
-          no_proxy_arp: false
-          perform_route_lookup: false
-          translate_dns: false
-          unidirectional: false
+            sub_interfaces:
+              mode: "NONE"
+          ipv4_static_routes:
+            metric_value: 1
+          vnis:
+            description: "VNI Interface"
+        clusters:
+          ccl_prefix: 10.10.3.0/27
+          vni_prefix: 10.10.4.0/27
+      policies:
+        prefilter_policies:
+          action: "ANALYZE_TUNNELS"
+        network_analysis_policies:
+          snort_engine: "SNORT2"             
+        access_policies:
+          default_action: "BLOCK"
+          log_begin: false
+          log_end: false
+          send_events_to_fmc: false
+          access_rules:
+            enable_syslog: false
+            enabled: true
+        ftd_nat_policies:
+          ftd_auto_nat_rules:
+            fall_through: false
+            ipv6: false
+            net_to_net: false
+            no_proxy_arp: false
+            perform_route_lookup: false
+            translate_dns: false
+            translated_network_is_destination_interface: true
+          ftd_manual_nat_rules:
+            enabled: true
+            fall_through: false
+            interface_in_original_destination: false
+            interface_in_translated_source: true
+            ipv6: false
+            net_to_net: false
+            no_proxy_arp: false
+            perform_route_lookup: false
+            translate_dns: false
+            unidirectional: false
       objects:
         fqdns:
           dns_resolution: "IPV4_AND_IPV6"
@@ -65,6 +69,4 @@ defaults:
         extended_access_lists:
             logging: "DISABLED"
             log_interval: 300
-            log_level: "INFORMATIONAL"
-      network_analysis_policies:
-        snort_engine: "SNORT2"
+            log_level: "INFORMATIONAL"