kaffa/XDP-Firewall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Workflow Improvements (#69)

Browse Source 
This PR attempts to run the XDP program for 10 seconds when running the `run.yml` workflow instead of printing the help menu.
This commit is contained in:
Christian Deacon
2025-03-28 13:26:18 -04:00
committed by GitHub
parent 3062ddd166
commit 20cb84cd06
3 changed files with 32 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
.github/workflows/build.yml vendored
View File

@@ -1,18 +1,14 @@
name: Build name: Build
on: on:
push: - push
branches: [ master ]
pull_request:
branches: [ master ]
workflow_call:
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v4
with: with:
submodules: recursive submodules: recursive
- name: Run apt update - name: Run apt update
@@ -34,7 +30,7 @@ jobs:
- name: Install project - name: Install project
run: sudo make install run: sudo make install
- name: Store build artifacts - name: Store build artifacts
uses: actions/upload-artifact@master uses: actions/upload-artifact@v4
with: with:
name: build-output name: build-output
path: build/loader/xdpfw path: build/

29
.github/workflows/run.yml vendored
View File

@@ -1,22 +1,17 @@
name: Run name: Run
on: on:
push: workflow_run:
branches: [ master ] workflows: ["Build"]
pull_request: types: [completed]
branches: [ master ]
jobs: jobs:
reuse_build:
uses: gamemann/XDP-Firewall/.github/workflows/build.yml@master
run: run:
needs: reuse_build
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Download artifact from Build workflow - name: Download artifact from Build workflow
uses: actions/download-artifact@master uses: actions/download-artifact@v4
with:
name: build-output
- name: Run apt update - name: Run apt update
run: sudo apt update run: sudo apt update
- name: Install LibConfig - name: Install LibConfig
@@ -25,7 +20,15 @@ jobs:
run: sudo apt install libelf-dev run: sudo apt install libelf-dev
- name: List files - name: List files
run: ls -la run: ls -la
- name: Create /etc/xdpfw directory.
run: sudo mkdir -p /etc/xdpfw
- name: Copy XDP program to /etc/xdpfw.
run: sudo cp -f ./build-output/xdp/xdp_prog.o /etc/xdpfw
- name: Add execute permissions to executable file - name: Add execute permissions to executable file
run: sudo chmod +x ./xdpfw run: sudo chmod +x ./build-output/loader/xdpfw
- name: Run XDP FW with help menu - name: Create basic config file.
run: sudo ./xdpfw -h run: echo 'verbose = 5; filters = ( { enabled = true; log = true; action = 0; tcp_enabled = true; tcp_dport = 22; } );' > ./basic.conf
- name: Retrieve default network interface
run: echo "INTERFACE=$(ip route | awk '/default/ {print $5}')" >> $GITHUB_ENV
- name: Run XDP FW for 10 seconds using basic config and default network interface.
run: sudo ./build-output/loader/xdpfw -c ./basic.conf -t 10 -i ${{ env.INTERFACE }}

13
src/loader/utils/config.c
View File

@@ -273,6 +273,17 @@ int parse_cfg(config__t *cfg, const char* data, config_overrides_t* overrides)
} }
} }
} }
else if (overrides && overrides->interface)
{
if (cfg->interfaces[0])
{
free(cfg->interfaces[0]);
cfg->interfaces[0] = NULL;
}
cfg->interfaces[0] = strdup(overrides->interface);
cfg->interfaces_cnt = 1;
}
// Pin BPF maps. // Pin BPF maps.
int pin_maps; int pin_maps;
@@ -1433,7 +1444,7 @@ void print_filter(filter_rule_cfg_t* filter, int idx)
// ICMP Options. // ICMP Options.
printf("\t\tICMP Options\n"); printf("\t\tICMP Options\n");
printf("\t\t\tICMP Enabled => %d\n", filter->icmp.enabled); printf("\t\t\tICMP Enabled => %d\n", filter->icmp.enabled);
printf("\t\t\tICMP Code => %d\n", filter->icmp.code); printf("\t\t\tICMP Code => %d\n", filter->icmp.code);
printf("\t\t\tICMP Type => %d\n", filter->icmp.type); printf("\t\t\tICMP Type => %d\n", filter->icmp.type);