CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-02 09:28:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #11741 from Security-Onion-Solutions/issue/11738

Browse Source 
remove comments from BPFs
This commit is contained in:
Josh Patterson
2023-11-08 15:25:02 -05:00
committed by GitHub
parent 9df3a8fc18 f46aef1611
commit 01e846ba22
4 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/bpf/macros.jinja
+10
View File
@@ -0,0 +1,10 @@
{% macro remove_comments(bpfmerged, app) %}
{# remove comments from the bpf #}
{% for bpf in bpfmerged[app] %}
{% if bpf.strip().startswith('#') %}
{% do bpfmerged[app].pop(loop.index0) %}
{% endif %}
{% endfor %}
{% endmacro %}
salt/bpf/pcap.map.jinja
+3
View File
@@ -1,4 +1,7 @@
{% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %} {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %}
{% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %} {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %}
{% import 'bpf/macros.jinja' as MACROS %}
{{ MACROS.remove_comments(BPFMERGED, 'pcap') }}
{% set PCAPBPF = BPFMERGED.pcap %} {% set PCAPBPF = BPFMERGED.pcap %}
salt/bpf/suricata.map.jinja
+3
View File
@@ -1,4 +1,7 @@
{% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %} {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %}
{% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %} {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %}
{% import 'bpf/macros.jinja' as MACROS %}
{{ MACROS.remove_comments(BPFMERGED, 'suricata') }}
{% set SURICATABPF = BPFMERGED.suricata %} {% set SURICATABPF = BPFMERGED.suricata %}
salt/bpf/zeek.map.jinja
+3
View File
@@ -1,4 +1,7 @@
{% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %} {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %}
{% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %} {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %}
{% import 'bpf/macros.jinja' as MACROS %}
{{ MACROS.remove_comments(BPFMERGED, 'zeek') }}
{% set ZEEKBPF = BPFMERGED.zeek %} {% set ZEEKBPF = BPFMERGED.zeek %}