From 48a40786a265341151480648a239e654ecd4485f Mon Sep 17 00:00:00 2001
From: adrien gaultier
Date: Mon, 7 Oct 2024 15:49:37 +0200
Subject: [PATCH] =?UTF-8?q?on=20tient=20qqc=20l=C3=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 oryx-tui/src/ebpf.rs | 26 +++++++++++++++++++-------
 oryx-tui/src/section/firewall.rs | 10 ++++++++++
 2 files changed, 29 insertions(+), 7 deletions(-)
diff --git a/oryx-tui/src/ebpf.rs b/oryx-tui/src/ebpf.rs
index bd1fba1..2cecd60 100644
--- a/oryx-tui/src/ebpf.rs
+++ b/oryx-tui/src/ebpf.rs
@@ -74,8 +74,8 @@ fn update_ipv4_blocklist(
 // add port to blocklist
 if let Some(first_zero) = blocked_ports.iter().enumerate().find(|&x| *x.1 == 0) {
 blocked_ports[first_zero.0] = port;
- dbg!("UPSERTING");
- dbg!(blocked_ports[0], blocked_ports[1]);
+ // dbg!("UPSERTING");
+ // dbg!(blocked_ports[0], blocked_ports[1]);
 ipv4_firewall
 .insert(addr.to_bits(), blocked_ports, 0)
 .unwrap();
@@ -84,10 +84,22 @@ fn update_ipv4_blocklist(
 }
 } else {
 // remove port from blocklist
- if let Some(matching_port) = blocked_ports.iter().enumerate().find(|&x| *x.1 == port) {
- blocked_ports[matching_port.0] = 0;
- dbg!("REMOVING");
- dbg!(blocked_ports[0], blocked_ports[1]);
+ // on veut rebuild une blocklist avec les ports restants non nuls
+ // par example là [8888,0,80,0,..]
+ // hashmap = key:[0,0,0]
+ // => [8888,80,0 ....]
+ let non_null_ports = blocked_ports
+ .into_iter()
+ .filter(|p| (*p != 0 && *p != port))
+ .collect::>();
+ let mut blocked_ports = [0; 32];
+ for (idx, p) in non_null_ports.iter().enumerate() {
+ blocked_ports[idx] = *p;
+ }
+ if blocked_ports.iter().sum::() == 0 {
+ //now block_list is empty, we need to delete key
+ ipv4_firewall.remove(&addr.to_bits()).unwrap();
+ } else {
 ipv4_firewall
 .insert(addr.to_bits(), blocked_ports, 0)
 .unwrap();
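Review bot: The emptiness test `blocked_ports.iter().sum::() == 0` in the remove branch is not a safe way to detect an empty list, because the sum can overflow. The turbofish type is lost in this rendering, but the array is `[u16; 32]` in the later hunk, so the sum is presumably `u16`. Two remaining ports such as 8888 and 60000 exceed `u16::MAX`, which panics in a debug build and wraps in release; a wrapped total of exactly 0 (for example ports 1 and 65535) would take the `remove` branch and drop the key while ports are still meant to be blocked. Test the filtered vector directly instead, `if non_null_ports.is_empty() {`. update_ipv4_blocklist starts and ends outside the hunk.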
@@ -96,7 +108,7 @@ fn update_ipv4_blocklist(
 } else {
 // shouldn't be disabling if blocklist is empty
 assert!(enabled);
- //create new blocklist with port as first element
+ // create new blocklist with port as first element
 let mut blocked_ports: [u16; 32] = [0; 32];
 blocked_ports[0] = port;
 ipv4_firewall
diff --git a/oryx-tui/src/section/firewall.rs b/oryx-tui/src/section/firewall.rs
index a87bf3c..2958dc7 100644
--- a/oryx-tui/src/section/firewall.rs
+++ b/oryx-tui/src/section/firewall.rs
@@ -270,6 +270,14 @@ impl Firewall {
 if let Some(id) = user_input.id {
 let rule = self.rules.iter_mut().find(|rule| rule.id == id).unwrap();
+
+ if rule.enabled {
+ // set disable notification on previous rule definition
+ rule.enabled = false;
+ self.ingress_sender.send(rule.clone())?;
+ }
+
+ // update rule with user input
 rule.name = user_input.name.field.to_string();
 rule.ip = IpAddr::from_str(user_input.ip.field.value()).unwrap();
 rule.port = u16::from_str(user_input.port.field.value()).unwrap();
@@ -331,6 +339,8 @@ impl Firewall {
 KeyCode::Char('d') => {
 if let Some(index) = self.state.selected() {
+ self.rules[index].enabled = false;
+ self.ingress_sender.send(self.rules[index].clone())?;
 self.rules.remove(index);
 }
 }
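Review bot: In the new `if rule.enabled` block of the edit path, the in-memory flag is cleared before `self.ingress_sender.send(rule.clone())?` is known to have succeeded. A send error then returns early with the rule shown as disabled, although no disable message was delivered for its old ip/port. Build the message from a copy (`let mut previous = rule.clone(); previous.enabled = false;`) and assign `rule.enabled = false` only after `send(previous)?` returns. Nothing in the visible lines re-enables the rule after the update, so a rule that was actively blocking appears to stay off after an edit; if that is intended, state it in the comment, e.g. `// edited rules stay disabled until the user re-enables them`. The enclosing method starts and ends outside the hunk.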
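Review bot: The `KeyCode::Char('d')` arm sends a disable message unconditionally, unlike the edit path earlier in this file, which guards with `if rule.enabled`. Deleting a rule that was never enabled therefore asks the eBPF side to remove a port it never inserted. If that message reaches `update_ipv4_blocklist` for an address with no map entry, the `assert!(enabled)` branch shown in ebpf.rs would presumably panic. That case is easier to reach now that the remove branch deletes the key once its list is empty. Guard the delete the same way: `if self.rules[index].enabled { self.rules[index].enabled = false; self.ingress_sender.send(self.rules[index].clone())?; }`. The function enclosing this match arm is outside the hunk.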