Skip to content

Implement Dynamic Kernel Module Parameters for DAI Inspection, Static ACLs, VLANs, and Trusted Interfaces#37

Merged
KorelU merged 9 commits into
mainfrom
DynamicModuleParameters
May 17, 2025
Merged

Implement Dynamic Kernel Module Parameters for DAI Inspection, Static ACLs, VLANs, and Trusted Interfaces#37
KorelU merged 9 commits into
mainfrom
DynamicModuleParameters

Conversation

@KorelU

@KorelU KorelU commented May 17, 2025

Copy link
Copy Markdown
Collaborator

Implemented dynamic kernel module parameters to configure global DAI inspection, static ACLs, VLANs to inspect, and trusted interfaces. These parameters enable runtime modifications of packet inspection settings, including toggling global DAI, controlling static ACLs, specifying VLANs for inspection, and defining trusted interfaces.

New parameter handlers were added for managing these settings, with enhanced logging for changes. Also added basic error checking to ensure interfaces exist, VLANs are valid (with default VLAN ID set to 1), and that parsing is skipped for empty strings.

Test cases now load the kernel module first and validate features through dynamically loaded parameters to intended administrator usage of DAI.

KorelU added 9 commits May 17, 2025 01:36
Implemented dynamic kernel module parameters to configure global DAI inspection, static ACLs, VLANs to inspect, and trusted interfaces. These parameters allow runtime modifications for packet inspection settings, including enabling/disabling DAI globally, controlling static ACLs, specifying VLANs for inspection, and defining trusted interfaces. Additionally, new parameter handlers were added to manage these settings and provide appropriate logging for changes.

Signed-off-by: Korel <Korelucpinar@gmail.com>
Check that parsing edge cases return and no parsing is attempted on empty strings

Signed-off-by: Korel <Korelucpinar@gmail.com>
Add Basic Error Checking for Trusted Interfaces and VLANs by ensuring interfaces that are added must exist and that vlans are within a valid range

Signed-off-by: Korel <Korelucpinar@gmail.com>
Default VLAN Id should be 1 and not 0 in order to adhere to appropriate VLAN ranges.

Signed-off-by: Korel <Korelucpinar@gmail.com>
Test Cases will now load the kernel module first then test te features using Dynamically loaded kernel module parameters. This is intended to more accurately represent how DAI will be use by administrators.

Signed-off-by: Korel <Korelucpinar@gmail.com>
Add sudo to increase file permissions

Signed-off-by: Korel <Korelucpinar@gmail.com>
Adjust the testcases to allow modificaiton of dynamic kernel module parameters by writing to them with root permissions

Signed-off-by: Korel <Korelucpinar@gmail.com>
Refactoring a change made to the test case parameters. The Test case should only be adding VLAN 10 to the vlans_to_inspect list

Signed-off-by: Korel <Korelucpinar@gmail.com>
Change the echo command to use tee in order to gain root level writing permissions

Signed-off-by: Korel <Korelucpinar@gmail.com>
@KorelU KorelU merged commit a4023a9 into main May 17, 2025
2 checks passed
@KorelU KorelU deleted the DynamicModuleParameters branch May 17, 2025 23:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant