
NETOBSERV-1803: Allow flow filtering for L4 protocols using two ports
Signed-off-by: Mohamed Mahmoud <[email protected]>
msherif1234 committed Sep 19, 2024
1 parent dd4a15c commit fec871a
Showing 3 changed files with 47 additions and 15 deletions.
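--- a/res/flow-capture.yml
+++ b/res/flow-capture.yml
@@ -63,6 +63,12 @@ spec:
 value: ""
 - name: FILTER_PORT_RANGE
 value: ""
+- name: FILTER_SOURCE_PORTS
+value: ""
+- name: FILTER_DESTINATION_PORTS
+value: ""
+- name: FILTER_PORTS
+value: ""
 - name: FILTER_ICMP_TYPE
 value: ""
 - name: FILTER_ICMP_CODE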
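--- a/res/packet-capture.yml
+++ b/res/packet-capture.yml
@@ -49,6 +49,12 @@ spec:
 value: ""
 - name: FILTER_PORT_RANGE
 value: ""
+- name: FILTER_SOURCE_PORTS
+value: ""
+- name: FILTER_DESTINATION_PORTS
+value: ""
+- name: FILTER_PORTS
+value: ""
 - name: FILTER_ICMP_TYPE
 value: ""
 - name: FILTER_ICMP_CODE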
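--- a/scripts/functions.sh
+++ b/scripts/functions.sh
@@ -168,21 +168,23 @@ function common_usage {
 echo " --max-bytes: maximum capture bytes (default: 50000000 = 50MB)"
 echo " --copy: copy the output files locally (default: prompt)"
 # filters
-echo " --direction: flow filter direction (default: n/a)"
-echo " --cidr: flow filter CIDR (default: 0.0.0.0/0)"
-echo " --protocol: flow filter protocol (default: n/a)"
-echo " --sport: flow filter source port (default: n/a)"
-echo " --dport: flow filter destination port (default: n/a)"
-echo " --port: flow filter port (default: n/a)"
-echo " --sport_range: flow filter source port range (default: n/a)"
-echo " --dport_range: flow filter destination port range (default: n/a)"
-echo " --port_range: flow filter port range (default: n/a)"
-echo " --tcp_flags: flow filter TCP flags (default: n/a)"
-echo " --icmp_type: ICMP type (default: n/a)"
-echo " --icmp_code: ICMP code (default: n/a)"
-echo " --peer_ip: peer IP (default: n/a)"
-echo " --action: flow filter action (default: Accept)"
-
+echo " --direction: flow filter direction (default: n/a)"
+echo " --cidr: flow filter CIDR (default: 0.0.0.0/0)"
+echo " --protocol: flow filter protocol (default: n/a)"
+echo " --sport: flow filter source port (default: n/a)"
+echo " --dport: flow filter destination port (default: n/a)"
+echo " --port: flow filter port (default: n/a)"
+echo " --sport_range: flow filter source port range (default: n/a)"
+echo " --dport_range: flow filter destination port range (default: n/a)"
+echo " --port_range: flow filter port range (default: n/a)"
+echo " --sports: flow filter on either of two source ports (default: n/a)"
+echo " --dports: flow filter on either of two destination ports (default: n/a)"
+echo " --ports: flow filter on either of two ports (default: n/a)"
+echo " --tcp_flags: flow filter TCP flags (default: n/a)"
+echo " --icmp_type: ICMP type (default: n/a)"
+echo " --icmp_code: ICMP code (default: n/a)"
+echo " --peer_ip: peer IP (default: n/a)"
+echo " --action: flow filter action (default: Accept)"
 }
 
 function flows_usage {
@@ -253,6 +255,15 @@ function edit_manifest() {
 "filter_port_range")
 yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_PORT_RANGE\").value|=\"$2\"" "$3"
 ;;
+"filter_sports")
+yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_SOURCE_PORTS\").value|=\"$2\"" "$3"
+;;
+"filter_dportS")
+yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_DESTINATION_PORTS\").value|=\"$2\"" "$3"
+;;
+"filter_ports")
+yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_PORTS\").value|=\"$2\"" "$3"
+;;
 "filter_icmp_type")
 yq e --inplace ".spec.template.spec.containers[0].env[] |= select(.name==\"FILTER_ICMP_TYPE\").value|=\"$2\"" "$3"
 ;;
@@ -390,6 +401,15 @@ function check_args_and_apply() {
 --port_range) # Configure filter port range
 edit_manifest "filter_port_range" "$value" "$2"
 ;;
+--sports) # Configure filter source two ports using ","
+edit_manifest "filter_sports" "$value" "$2"
+;;
+--dports) # Configure filter destination two ports using ","
+edit_manifest "filter_dports" "$value" "$2"
+;;
+--ports) # Configure filter on two ports usig "," can either be srcport or dstport
+edit_manifest "filter_ports" "$value" "$2"
+;;
 --tcp_flags) # Configure filter TCP flags
 if [[ "$value" == "SYN" || "$value" == "SYN-ACK" || "$value" == "ACK" || "$value" == "FIN" || "$value" == "RST" || "$value" == "FIN-ACK" || "$value" == "RST-ACK" || "$value" == "PSH" || "$value" == "URG" || "$value" == "ECE" || "$value" == "CWR" ]]; then
 edit_manifest "filter_tcp_flags" "$value" "$2"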
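Review bot: The new `edit_manifest` case label `"filter_dportS")` has a capital S, while `check_args_and_apply` calls `edit_manifest "filter_dports" "$value" "$2"`, so `--dports` will not match this arm and FILTER_DESTINATION_PORTS presumably stays empty; the label should read `"filter_dports")`. The likely result is a capture that silently runs without the destination-port filter the operator asked for and collects more traffic than intended. Separately, `--sports`, `--dports` and `--ports` pass `$value` straight into the double-quoted yq expression with no check, unlike `--tcp_flags` just below, which is allowlisted; a guard such as `[[ "$value" =~ ^[0-9]+,[0-9]+$ ]]` before each `edit_manifest` call would reject malformed input and keep stray quotes out of the yq expression (the two-ports-with-comma format is inferred from the arm comments). Both functions start and end outside the visible hunks, so the default arm of the `case` cannot be confirmed from here.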
