Implement Dynamic Kernel Module Parameters for DAI Inspection, Static ACLs, VLANs, and Trusted Interfaces#37
Merged
Merged
Conversation
Implemented dynamic kernel module parameters to configure global DAI inspection, static ACLs, VLANs to inspect, and trusted interfaces. These parameters allow runtime modifications for packet inspection settings, including enabling/disabling DAI globally, controlling static ACLs, specifying VLANs for inspection, and defining trusted interfaces. Additionally, new parameter handlers were added to manage these settings and provide appropriate logging for changes. Signed-off-by: Korel <Korelucpinar@gmail.com>
Check that parsing edge cases return and no parsing is attempted on empty strings Signed-off-by: Korel <Korelucpinar@gmail.com>
Add Basic Error Checking for Trusted Interfaces and VLANs by ensuring interfaces that are added must exist and that vlans are within a valid range Signed-off-by: Korel <Korelucpinar@gmail.com>
Default VLAN Id should be 1 and not 0 in order to adhere to appropriate VLAN ranges. Signed-off-by: Korel <Korelucpinar@gmail.com>
Test Cases will now load the kernel module first then test te features using Dynamically loaded kernel module parameters. This is intended to more accurately represent how DAI will be use by administrators. Signed-off-by: Korel <Korelucpinar@gmail.com>
Add sudo to increase file permissions Signed-off-by: Korel <Korelucpinar@gmail.com>
Adjust the testcases to allow modificaiton of dynamic kernel module parameters by writing to them with root permissions Signed-off-by: Korel <Korelucpinar@gmail.com>
Refactoring a change made to the test case parameters. The Test case should only be adding VLAN 10 to the vlans_to_inspect list Signed-off-by: Korel <Korelucpinar@gmail.com>
Change the echo command to use tee in order to gain root level writing permissions Signed-off-by: Korel <Korelucpinar@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implemented dynamic kernel module parameters to configure global DAI inspection, static ACLs, VLANs to inspect, and trusted interfaces. These parameters enable runtime modifications of packet inspection settings, including toggling global DAI, controlling static ACLs, specifying VLANs for inspection, and defining trusted interfaces.
New parameter handlers were added for managing these settings, with enhanced logging for changes. Also added basic error checking to ensure interfaces exist, VLANs are valid (with default VLAN ID set to 1), and that parsing is skipped for empty strings.
Test cases now load the kernel module first and validate features through dynamically loaded parameters to intended administrator usage of DAI.