From ae087c55525e19553343a0084e9e695292cbbf4a Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Tue, 28 Jan 2020 16:53:19 -0500 Subject: [PATCH] Steno BPF tweaks --- salt/pcap/files/compile_bpf.sh | 37 ---------------------------------- salt/pcap/files/config | 2 +- salt/pcap/init.sls | 34 ++++++++++--------------------- 3 files changed, 12 insertions(+), 61 deletions(-) delete mode 100644 salt/pcap/files/compile_bpf.sh diff --git a/salt/pcap/files/compile_bpf.sh b/salt/pcap/files/compile_bpf.sh deleted file mode 100644 index 44c5b8249..000000000 --- a/salt/pcap/files/compile_bpf.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash - -# Copyright 2014 Google Inc. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -if [ "$#" -lt 2 ]; then - cat 1>&2 <. -{% set VERSION = salt['pillar.get']('static:soversion', '1.1.4') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.1.4') %} {% set MASTER = salt['grains.get']('master') %} +{% set INTERFACE = salt['pillar.get']('sensor:interface', 'bond0') %} +{% set BPF_STENO = salt['pillar.get']('steno:bpf', None) %} +{% set BPF_COMPILED = "" %} + # PCAP Section # Create the logstash group 
@@ -36,31 +40,19 @@ stenoconfdir: - group: 939 - makedirs: True -{% set interface = salt['pillar.get']('sensor:interface', 'bond0') %} -{% set bpf_global = salt['pillar.get']('static:steno:bpf', None) %} -{% set bpf_steno = salt['pillar.get']('steno:bpf', None) %} - -{% if bpf_steno != None or bpf_global != None %} - {% if bpf_steno != None %} - {% set bpf_calc = salt['cmd.script']('salt://pcap/files/compile_bpf.sh', interface + ' ' + bpf_steno) %} - {% else %} - {% set bpf_calc = salt['cmd.script']('salt://pcap/files/compile_bpf.sh', interface + ' ' + bpf_global) %} - {% endif %} - {% if bpf_calc['stderr'] == "" %} - {% set bpf_compiled = bpf_calc['stdout'] %} +{% if BPF_STENO %} + {% set BPF_CALC = salt['cmd.script']('/usr/sbin/so-bpf-compile', INTERFACE + ' ' + BPF_STENO|join(" ") ) %} + {% if BPF_CALC['stderr'] == "" %} + {% set BPF_COMPILED = ",\\\"--filter=" + BPF_CALC['stdout'] + "\\\"" %} {% else %} - {% set bpf_compiled = None %} bpfcompilationfailure: test.configurable_test_state: - - name: bpfcompfailure - changes: False - result: False - comment: "BPF Compilation Failed - Discarding specified BPF" {% endif %} -{% else %} - {% set bpf_compiled = None %} {% endif %} stenoconf: @@ -72,11 +64,7 @@ stenoconf: - mode: 644 - template: jinja - defaults: - bpf_compiled: "" -{% if bpf_compiled != None %} - - context: - bpf_compiled: ',"--filter={{ bpf_compiled }}"' -{% endif %} + BPF_COMPILED: "{{ BPF_COMPILED }}" sensoroniagentconf: file.managed: @@ -130,7 +118,7 @@ stenolog: so-steno: docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-steno:HH{{ VERSION }} + - image: {{ MASTER }}:5000/soshybridhunter/so-steno:{{ VERSION }} - network_mode: host - privileged: True - port_bindings:
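Review bot: In the `@@ -36,31 +40,19 @@` hunk the compile counts as successful whenever `BPF_CALC['stderr'] == ""`. A run that exits non-zero without writing to stderr, or prints nothing, therefore yields an empty `--filter=` flag, and a harmless warning on stderr discards a valid filter; either way the sensor captures a different scope than the pillar asked for. Testing the exit status as well, `{% if BPF_CALC['retcode'] == 0 and BPF_CALC['stdout'] %}`, would close both cases. `BPF_STENO|join(" ")` also assumes the `steno:bpf` pillar is a list, whereas the removed code concatenated it as a string; a string value would now be joined character by character, so a `BPF_STENO is string` guard or a comment stating the expected shape is worth adding. The pillar text is still appended unquoted to the argument string given to `cmd.script`, and BPF expressions commonly contain parentheses, `!` and `&&`, so it should be confirmed how that string is split before it reaches `/usr/sbin/so-bpf-compile`.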
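Review bot: `BPF_COMPILED: "{{ BPF_COMPILED }}"` in the `@@ -72,11 +64,7 @@` hunk only renders correctly because the value built in the earlier hunk carries backslash-escaped quotes, which this double-quoted YAML scalar then unescapes, and nothing on the line says so. A comment above it, for example `# BPF_COMPILED is "" or a pre-escaped ,"--filter=..." fragment; keep the double quotes`, would stop a later edit from switching quote style and breaking the rendered stenographer config. The line also relies on the compiler's stdout containing no quote or backslash characters, which is presumably true for compiled BPF but is not checked anywhere in the visible hunks.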