on tient qqc là

pythops · Oct 7, 2024 · 48a4078 · 48a4078
1 parent 73ad77a
commit 48a4078
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 7 deletions.
diff --git a/oryx-tui/src/ebpf.rs b/oryx-tui/src/ebpf.rs
@@ -74,8 +74,8 @@ fn update_ipv4_blocklist(
             // add port to blocklist
             if let Some(first_zero) = blocked_ports.iter().enumerate().find(|&x| *x.1 == 0) {
                 blocked_ports[first_zero.0] = port;
-                dbg!("UPSERTING");
-                dbg!(blocked_ports[0], blocked_ports[1]);
+                // dbg!("UPSERTING");
+                // dbg!(blocked_ports[0], blocked_ports[1]);
                 ipv4_firewall
                     .insert(addr.to_bits(), blocked_ports, 0)
                     .unwrap();
@@ -84,10 +84,22 @@ fn update_ipv4_blocklist(
             }
         } else {
             //  remove port from blocklist
-            if let Some(matching_port) = blocked_ports.iter().enumerate().find(|&x| *x.1 == port) {
-                blocked_ports[matching_port.0] = 0;
-                dbg!("REMOVING");
-                dbg!(blocked_ports[0], blocked_ports[1]);
+            // on veut rebuild une blocklist avec les ports restants non nuls
+            // par example là [8888,0,80,0,..]
+            // hashmap = key:[0,0,0]
+            // => [8888,80,0 ....]
+            let non_null_ports = blocked_ports
+                .into_iter()
+                .filter(|p| (*p != 0 && *p != port))
+                .collect::<Vec<u16>>();
+            let mut blocked_ports = [0; 32];
+            for (idx, p) in non_null_ports.iter().enumerate() {
+                blocked_ports[idx] = *p;
+            }
+            if blocked_ports.iter().sum::<u16>() == 0 {
+                //now block_list is empty, we need to delete key
+                ipv4_firewall.remove(&addr.to_bits()).unwrap();
+            } else {
                 ipv4_firewall
                     .insert(addr.to_bits(), blocked_ports, 0)
                     .unwrap();
@@ -96,7 +108,7 @@ fn update_ipv4_blocklist(
     } else {
         // shouldn't be disabling if blocklist is empty
         assert!(enabled);
-        //create new blocklist with port as first element
+        // create new blocklist with port as first element
         let mut blocked_ports: [u16; 32] = [0; 32];
         blocked_ports[0] = port;
         ipv4_firewall

diff --git a/oryx-tui/src/section/firewall.rs b/oryx-tui/src/section/firewall.rs
@@ -270,6 +270,14 @@ impl Firewall {
 
                         if let Some(id) = user_input.id {
                             let rule = self.rules.iter_mut().find(|rule| rule.id == id).unwrap();
+
+                            if rule.enabled {
+                                // set disable notification on previous rule definition
+                                rule.enabled = false;
+                                self.ingress_sender.send(rule.clone())?;
+                            }
+
+                            // update rule with user input
                             rule.name = user_input.name.field.to_string();
                             rule.ip = IpAddr::from_str(user_input.ip.field.value()).unwrap();
                             rule.port = u16::from_str(user_input.port.field.value()).unwrap();
@@ -331,6 +339,8 @@ impl Firewall {
 
                 KeyCode::Char('d') => {
                     if let Some(index) = self.state.selected() {
+                        self.rules[index].enabled = false;
+                        self.ingress_sender.send(self.rules[index].clone())?;
                         self.rules.remove(index);
                     }
                 }