remove comments from BPFs

2025-12-06 09:12:45 +01:00 · 2023-11-08 11:23:19 -05:00
parent b008661b6b
commit f46aef1611
4 changed files with 19 additions and 0 deletions
--- a/salt/bpf/macros.jinja
+++ b/salt/bpf/macros.jinja
@@ -0,0 +1,10 @@
 {% macro remove_comments(bpfmerged, app) %}
 {# remove comments from the bpf #}
 {% for bpf in bpfmerged[app] %}
 {%   if bpf.strip().startswith('#') %}
 {%     do bpfmerged[app].pop(loop.index0) %}
 {%   endif %}
 {% endfor %}
 {% endmacro %}
--- a/salt/bpf/pcap.map.jinja
+++ b/salt/bpf/pcap.map.jinja
@@ -1,4 +1,7 @@
 {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %}
 {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %}
 {% import 'bpf/macros.jinja' as MACROS %}
 {{ MACROS.remove_comments(BPFMERGED, 'pcap') }}
 {% set PCAPBPF = BPFMERGED.pcap %}
--- a/salt/bpf/suricata.map.jinja
+++ b/salt/bpf/suricata.map.jinja
@@ -1,4 +1,7 @@
 {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %}
 {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %}
 {% import 'bpf/macros.jinja' as MACROS %}
 {{ MACROS.remove_comments(BPFMERGED, 'suricata') }}
 {% set SURICATABPF = BPFMERGED.suricata %}
--- a/salt/bpf/zeek.map.jinja
+++ b/salt/bpf/zeek.map.jinja
@@ -1,4 +1,7 @@
 {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %}
 {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %}
 {% import 'bpf/macros.jinja' as MACROS %}
 {{ MACROS.remove_comments(BPFMERGED, 'zeek') }}
 {% set ZEEKBPF = BPFMERGED.zeek %}