From a05ae75d14efd14c19943c806cc10b62a066be7a Mon Sep 17 00:00:00 2001
From: Mohamed Mahmoud
Date: Fri, 6 Dec 2024 09:59:56 -0500
Subject: [PATCH] Allow populaiting only single filter rules for cli usecase
Signed-off-by: Mohamed Mahmoud
---
 res/flow-capture.yml | 38 ++------------------------------------
 res/packet-capture.yml | 36 ++----------------------------------
 scripts/functions.sh | 38 +++++++++++++++++++-------------------
 3 files changed, 23 insertions(+), 89 deletions(-)
diff --git a/res/flow-capture.yml b/res/flow-capture.yml
index abe07fce..ac979300 100644
--- a/res/flow-capture.yml
+++ b/res/flow-capture.yml
@@ -45,42 +45,8 @@ spec:
 value: "false"
 - name: ENABLE_FLOW_FILTER
 value: "false"
- - name: FILTER_DIRECTION
- value: ""
- - name: FILTER_IP_CIDR
- value: "0.0.0.0/0"
- - name: FILTER_PROTOCOL
- value: ""
- - name: FILTER_SOURCE_PORT
- value: ""
- - name: FILTER_DESTINATION_PORT
- value: ""
- - name: FILTER_PORT
- value: ""
- - name: FILTER_SOURCE_PORT_RANGE
- value: ""
- - name: FILTER_DESTINATION_PORT_RANGE
- value: ""
- - name: FILTER_PORT_RANGE
- value: ""
- - name: FILTER_SOURCE_PORTS
- value: ""
- - name: FILTER_DESTINATION_PORTS
- value: ""
- - name: FILTER_PORTS
- value: ""
- - name: FILTER_ICMP_TYPE
- value: ""
- - name: FILTER_ICMP_CODE
- value: ""
- - name: FILTER_PEER_IP
- value: ""
- - name: FILTER_TCP_FLAGS
- value: ""
- - name: FILTER_DROPS
- value: "false"
- - name: FILTER_ACTION
- value: "Accept"
+ - name: FLOW_FILTER_RULES
+ value: '[{"direction": "", "ip_cidr": "", "protocol": "", "source_port": 0, "destination_port": 0, "port": 0, "source_port_range": "", "source_ports" : "", "destination_port_range": "", "destination_ports": "", "port_range" :"", "ports": "", "icmp_type": 0, "icmp_code": 0, "peer_ip": "", "action": "", "tcp_flags": "", "drops": 0}]'
 - name: EXPORT
 value: "direct-flp"
 - name: FLP_CONFIG
diff --git a/res/packet-capture.yml b/res/packet-capture.yml
index 3b63904c..0d751285 100644
--- a/res/packet-capture.yml
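Review bot: The new `FLOW_FILTER_RULES` default in res/flow-capture.yml drops two non-empty defaults that the removed variables carried: `FILTER_IP_CIDR` was `"0.0.0.0/0"` and `FILTER_ACTION` was `"Accept"`, while the JSON rule now ships `"ip_cidr": ""` and `"action": ""`. A user who sets only one field through the CLI therefore submits a rule with an empty CIDR and an empty action, and how the agent treats that (reject the rule, match nothing, match everything) is not visible in this patch. Consider keeping the old defaults in the JSON, `"ip_cidr": "0.0.0.0/0"` and `"action": "Accept"`, so a partially populated rule has a defined capture scope. The same applies to the identical value added in res/packet-capture.yml.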
+++ b/res/packet-capture.yml
@@ -31,40 +31,8 @@ spec:
 value: "false"
 - name: LOG_LEVEL
 value: info
- - name: FILTER_DIRECTION
- value: ""
- - name: FILTER_IP_CIDR
- value: "0.0.0.0/0"
- - name: FILTER_PROTOCOL
- value: ""
- - name: FILTER_SOURCE_PORT
- value: ""
- - name: FILTER_DESTINATION_PORT
- value: ""
- - name: FILTER_PORT
- value: ""
- - name: FILTER_SOURCE_PORT_RANGE
- value: ""
- - name: FILTER_DESTINATION_PORT_RANGE
- value: ""
- - name: FILTER_PORT_RANGE
- value: ""
- - name: FILTER_SOURCE_PORTS
- value: ""
- - name: FILTER_DESTINATION_PORTS
- value: ""
- - name: FILTER_PORTS
- value: ""
- - name: FILTER_ICMP_TYPE
- value: ""
- - name: FILTER_ICMP_CODE
- value: ""
- - name: FILTER_PEER_IP
- value: ""
- - name: FILTER_DROPS
- value: "false"
- - name: FILTER_ACTION
- value: "Accept"
+ - name: FLOW_FILTER_RULES
+ value: '[{"direction": "", "ip_cidr": "", "protocol": "", "source_port": 0, "destination_port": 0, "port": 0, "source_port_range": "", "source_ports" : "", "destination_port_range": "", "destination_ports": "", "port_range" :"", "ports": "", "icmp_type": 0, "icmp_code": 0, "peer_ip": "", "action": "", "tcp_flags": "", "drops": 0}]'
 - name: EXPORT
 value: "direct-flp"
 - name: FLP_CONFIG
diff --git a/scripts/functions.sh b/scripts/functions.sh
index 33dd8787..21460c17 100755
--- a/scripts/functions.sh
+++ b/scripts/functions.sh
@@ -231,58 +231,58 @@ function edit_manifest() {
 yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"ENABLE_FLOW_FILTER\").value|=\"$2\"" "$3"
 ;;
 "filter_direction")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_DIRECTION\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.direction = \"$2\")| tostring)" "$3"
 ;;
 "filter_cidr")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_IP_CIDR\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.ip_cidr = \"$2\")| tostring)" "$3"
 ;;
 "filter_protocol")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_PROTOCOL\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.protocol = \"$2\")| tostring)" "$3"
 ;;
 "filter_sport")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_SOURCE_PORT\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.source_port = \"$2\")| tostring)" "$3"
 ;;
 "filter_dport")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_DESTINATION_PORT\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.destination_port = \"$2\")| tostring)" "$3"
 ;;
 "filter_port")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_PORT\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.port = \"$2\")| tostring)" "$3"
 ;;
 "filter_sport_range")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_SOURCE_PORT_RANGE\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.source_port_range = \"$2\")| tostring)" "$3"
 ;;
 "filter_dport_range")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_DESTINATION_PORT_RANGE\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.destination_port_range = \"$2\")| tostring)" "$3"
 ;;
 "filter_port_range")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_PORT_RANGE\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.port_range = \"$2\")| tostring)" "$3"
 ;;
 "filter_sports")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_SOURCE_PORTS\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.source_ports = \"$2\")| tostring)" "$3"
 ;;
- "filter_dportS")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_DESTINATION_PORTS\").value|=\"$2\"" "$3"
+ "filter_dports")
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.destination_ports = \"$2\")| tostring)" "$3"
 ;;
 "filter_ports")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_PORTS\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.ports = \"$2\")| tostring)" "$3"
 ;;
 "filter_icmp_type")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_ICMP_TYPE\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.icmp_type = \"$2\")| tostring)" "$3"
 ;;
 "filter_icmp_code")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_ICMP_CODE\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.icmp_code = \"$2\")| tostring)" "$3"
 ;;
 "filter_peer_ip")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_PEER_IP\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.peer_ip = \"$2\")| tostring)" "$3"
 ;;
 "filter_action")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_ACTION\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.action = \"$2\")| tostring)" "$3"
 ;;
 "filter_tcp_flags")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_TCP_FLAGS\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.tcp_flags = \"$2\")| tostring)" "$3"
 ;;
 "filter_pkt_drops")
- yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_DROPS\").value|=\"$2\"" "$3"
+ yq e --inplace " .spec.template.spec.containers[0].env[] |= select(.name == \"FLOW_FILTER_RULES\").value |=(fromjson | map(.drops = \"$2\")| tostring)" "$3"
 ;;
 "log_level")
 yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"LOG_LEVEL\").value|=\"$2\"" "$3"
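Review bot: Every rewritten arm still splices `$2` into the yq program text (`map(.direction = \"$2\")`), so a value containing a double quote or backslash ends the string literal early and the rest is parsed as yq expression while the manifest is edited in place. Pass the value as data instead, e.g. `FILTER_VALUE="$2" yq e --inplace '.spec.template.spec.containers[0].env[] |= select(.name == "FLOW_FILTER_RULES").value |= (fromjson | map(.direction = strenv(FILTER_VALUE)) | tostring)' "$3"`, and likewise for the other seventeen arms. Separately, the arms for `source_port`, `destination_port`, `port`, `icmp_type`, `icmp_code` and `drops` store a quoted string where the manifest default is a JSON number (`"source_port": 0`); if the consumer decodes these as integers the rule list may fail to parse, so those arms probably want `env(FILTER_VALUE)` or a numeric check on `$2` first. `edit_manifest` begins and ends outside this hunk.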