From 20cb84cd066c4eaebd47f2caeb81c59bffbefb50 Mon Sep 17 00:00:00 2001 From: Christian Deacon Date: Fri, 28 Mar 2025 13:26:18 -0400 Subject: [PATCH] Workflow Improvements (#69) This PR attempts to run the XDP program for 10 seconds when running the `run.yml` workflow instead of printing the help menu. --- .github/workflows/build.yml | 12 ++++-------- .github/workflows/run.yml | 29 ++++++++++++++++------------- src/loader/utils/config.c | 13 ++++++++++++- 3 files changed, 32 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c37c5b1..f5c1508 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,18 +1,14 @@ name: Build on: - push: - branches: [ master ] - pull_request: - branches: [ master ] - workflow_call: + - push jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: submodules: recursive - name: Run apt update @@ -34,7 +30,7 @@ jobs: - name: Install project run: sudo make install - name: Store build artifacts - uses: actions/upload-artifact@master + uses: actions/upload-artifact@v4 with: name: build-output - path: build/loader/xdpfw + path: build/ diff --git a/.github/workflows/run.yml b/.github/workflows/run.yml index 6edb1a0..cf21a04 100644 --- a/.github/workflows/run.yml +++ b/.github/workflows/run.yml @@ -1,22 +1,17 @@ name: Run on: - push: - branches: [ master ] - pull_request: - branches: [ master ] + workflow_run: + workflows: ["Build"] + types: [completed] jobs: - reuse_build: - uses: gamemann/XDP-Firewall/.github/workflows/build.yml@master run: - needs: reuse_build runs-on: ubuntu-latest + steps: - name: Download artifact from Build workflow - uses: actions/download-artifact@master - with: - name: build-output + uses: actions/download-artifact@v4 - name: Run apt update run: sudo apt update - name: Install LibConfig @@ -25,7 +20,15 @@ jobs: run: sudo apt install libelf-dev - name: List files run: ls -la + - name: Create /etc/xdpfw directory. + run: sudo mkdir -p /etc/xdpfw + - name: Copy XDP program to /etc/xdpfw. + run: sudo cp -f ./build-output/xdp/xdp_prog.o /etc/xdpfw - name: Add execute permissions to executable file - run: sudo chmod +x ./xdpfw - - name: Run XDP FW with help menu - run: sudo ./xdpfw -h + run: sudo chmod +x ./build-output/loader/xdpfw + - name: Create basic config file. + run: echo 'verbose = 5; filters = ( { enabled = true; log = true; action = 0; tcp_enabled = true; tcp_dport = 22; } );' > ./basic.conf + - name: Retrieve default network interface + run: echo "INTERFACE=$(ip route | awk '/default/ {print $5}')" >> $GITHUB_ENV + - name: Run XDP FW for 10 seconds using basic config and default network interface. + run: sudo ./build-output/loader/xdpfw -c ./basic.conf -t 10 -i ${{ env.INTERFACE }} diff --git a/src/loader/utils/config.c b/src/loader/utils/config.c index 8c213cf..0d13e83 100644 --- a/src/loader/utils/config.c +++ b/src/loader/utils/config.c @@ -273,6 +273,17 @@ int parse_cfg(config__t *cfg, const char* data, config_overrides_t* overrides) } } } + else if (overrides && overrides->interface) + { + if (cfg->interfaces[0]) + { + free(cfg->interfaces[0]); + cfg->interfaces[0] = NULL; + } + + cfg->interfaces[0] = strdup(overrides->interface); + cfg->interfaces_cnt = 1; + } // Pin BPF maps. int pin_maps; @@ -1433,7 +1444,7 @@ void print_filter(filter_rule_cfg_t* filter, int idx) // ICMP Options. printf("\t\tICMP Options\n"); - + printf("\t\t\tICMP Enabled => %d\n", filter->icmp.enabled); printf("\t\t\tICMP Code => %d\n", filter->icmp.code); printf("\t\t\tICMP Type => %d\n", filter->icmp.type);